last executing test programs: 21.748565853s ago: executing program 4: r0 = socket(0x2, 0x3, 0x1) getsockopt(r0, 0xff, 0x100000000000001, 0x0, &(0x7f0000000040)=0xfffffffffffffffe) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) mount$9p_virtio(0x0, &(0x7f0000000100)='./file0/../file0/file0/file0\x00', 0x0, 0x0, 0x0) read$FUSE(r1, &(0x7f000000e280)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r1, &(0x7f0000000380)={0x50, 0x0, r4, {0x7, 0x28, 0x0, 0x18000}}, 0x50) syz_fuse_handle_req(r1, &(0x7f0000008280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783fcf2c2c9fac2c3a2771dd0e2fb113cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db214687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a0400711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a7aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e5", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90}, 0x0, 0x0, 0x0, 0x0}) 20.787312642s ago: executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0)) 20.641139664s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000040)='ext4_unlink_enter\x00', r3}, 0x10) unlink(&(0x7f0000000140)='./cgroup\x00') r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r4}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r5, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) 20.524063863s ago: executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_aout(r3, 0x0, 0x6a) splice(r0, 0x0, r3, 0x0, 0x8ec3, 0x0) readv(r2, &(0x7f0000000080)=[{&(0x7f00000078c0)=""/110, 0x6e}], 0x1) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r4, 0x0, 0x800, 0x0) write$binfmt_elf64(r1, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) 19.594187196s ago: executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) fchdir(r0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) dup3(r1, r0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') openat2$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', &(0x7f0000000280)={0x438203, 0x0, 0xf}, 0x18) 19.447015909s ago: executing program 4: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) socket(0x1d, 0x2, 0x6) r2 = dup(r0) mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) 6.242168006s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='ext4_ext_handle_unwritten_extents\x00', r1}, 0x9) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='ext4_ext_handle_unwritten_extents\x00', r4}, 0x9) ioctl$SIOCSIFHWADDR(r3, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}}) 6.083643151s ago: executing program 1: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sched_setscheduler(0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15) 5.027033854s ago: executing program 1: r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905940300020000000904010000020d00000904010102020d0000090582020002"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0xffffffffffffffb4, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 3.467660584s ago: executing program 3: socket$packet(0x11, 0x3, 0x300) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x3a, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000004c0), 0x32d, 0x20008090) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000380)='./file0\x00', 0x10cb0, 0x0, 0xfc, 0x0, &(0x7f0000000000)) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000040)={'gre0\x00', &(0x7f0000000800)}) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000540)={0x3, &(0x7f0000000500)=[{0x0, 0x0, 0x7, 0x1f}, {0x4, 0x0, 0x3, 0x3}, {0x20, 0x7, 0x7d}]}, 0x10) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001900010026bd760000000000fc010000000000000000000000080000ac1414bb0000000000000000000000000000000000000000020010"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="8801000014"], 0x188}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x8923, &(0x7f0000000680)={'syztnl2\x00', &(0x7f00000002c0)}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) ptrace$cont(0x9, r5, 0x6, 0x80020) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000980)=ANY=[@ANYBLOB="180000000000000000000000000002009500000000000000de3a5c5b7db6d340ac7e76ab27be3478ab00003c4bfca8b68f0ef4c3305a511b19a76958e9b7e970ebb213f67df9083207c87e1c212cd64da2b6b8c070f60d744c0bfe81c753e78c00bcca761ad3e4d95a3cd12cd2531de1d789d33a94267c725acf2c32377781d5b032197a7924e79d3165c5f63aee1a6604610d59fa089234349d9c53008382c166482a1e561f73ad9c530fe0c29f9ab6faba5b0213e9653b93fdbfbec09511d102b3b42ccc4006445d395418a87288c7c0a181f8f9f892d9d4fc7d30db9e51afe8e6fd7863062ce3aac3404f02392e0d8772582b4ca007eb08f0c0f4e8b8770d8f2ed60f049cdad9fa2dc3adda1ea29f3c8f6ff2fc7477767f0c14ca4afa19494db0f499160bc332647a809d56711544eef166a9a089"], &(0x7f00000000c0)='GPL\x00', 0x6}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder1\x00', 0x800, 0x0) r8 = dup3(0xffffffffffffffff, r7, 0x80000) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000004c0)={'gre0\x00', &(0x7f0000000580)}) ioctl$TUNSETIFINDEX(r8, 0x400454da, &(0x7f0000000400)) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=@newlinkprop={0x40, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_NET_NS_PID={0x8}, @IFLA_OPERSTATE]}, 0x77}}, 0x0) 3.361682471s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x800, &(0x7f0000000100)={[{@iocharset={'iocharset', 0x3d, 'iso8859-1'}}, {@numtail}, {@utf8no}, {@uni_xlate}, {@fat=@codepage={'codepage', 0x3d, '775'}}, {@fat=@codepage={'codepage', 0x3d, '860'}}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@shortname_winnt}, {@rodir}, {@utf8no}, {@rodir}, {@uni_xlate}]}, 0x1, 0x27e, &(0x7f0000000240)="$eJzs3bFqW1cYB/BPtlzJhiINBdNS6C1dOgnbxbtMcaFU0NKioZ1qYpsEyzHEYEgG25vJOySvkIxZAxlC1rxACAQnkCXO5CGgoFxZkRxJsZxICsnvt/hD5/zvPef4cC8efPT/95sbq1vb60dHh5HPZyJbjnIcZ6IYEzEZqf0AAD4nx/V6vKinxj0WAGA0vP8B4MvT7/2f2W999tfoRwYADMsH/f0/MZQhAQBD9s+///2xVKks/50k+YjNg53qTjX9mbYvrcelqMVazEUhXkXUW9L6t98ry3NJw9Ni5Df3JtL83k51sjM/H4Uods/PJ6moNnIn+amYaeYfzcRaLEQhvumeX+ia/yp+/qnt/qUoxMMLsRW1WI1GNs3nImJ3Pkl+/bPSWICmRj73ph8AAAAAAAAAAAAAAAAAAAAAAAxDKWkpdp6fk57fUyr1ak/z7ecDTfc7H6i+d+p8nmx8lx3v3AEAAAAAAAAAAAAAAAAAAOBTsX312sZKrbZ2pV9x+cGte4e5NPDezv2LTPO+g6UO+vaZPj2LfEQsRkTf1Nc/PrnRrSkXuTOtz8lMzr0aU6dGmDQvePeH8y/vyIr7hxe//WV7drGtqdK+NyLbnrremGrHdXpspOzZNuTgxfNCRM8++YE3ZHtx+6Qov3ynT661SabH/YubvVleubP7+NlZU30eGvXJj/0YAgAAAAAAAAAAAAAAAAAAOv6/vXefxVEOCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADG4O33/w9a5KLjk3zPzvvjniMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALwOAAD//yaKiz8=") r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000850000009e00000095"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xad, &(0x7f00000003c0)=""/173}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=@base={0x16, 0x0, 0xb161, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x15, &(0x7f0000000080)={{r3}, 0x0, 0x0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48) prctl$PR_SET_IO_FLUSHER(0x39, 0x1) 3.079137344s ago: executing program 0: pipe(&(0x7f0000000080)={0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) timer_create(0x0, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000300)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) tee(r0, r1, 0xaf5, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r3, 0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pI4 \x00'}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r4, 0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r6}, 0x10) 2.565364504s ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000014000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10) ftruncate(0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_script(r2, &(0x7f0000000100), 0xb) splice(r4, 0x0, r5, 0x0, 0x8000f28, 0x0) splice(r1, 0x0, r5, 0x0, 0x80, 0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) write(r3, 0x0, 0x0) 2.380136603s ago: executing program 3: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sched_setscheduler(0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15) 2.362508395s ago: executing program 2: process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) r0 = getpid() r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) inotify_init1(0x0) syz_mount_image$f2fs(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2008418, &(0x7f0000000b40)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45aca9836c319f437199ff24212c651baef614d442ae89412ad3dcd0b7586d02fe296d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1e73fa85bae63db763c51fc02936b3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c500000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2680b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2100931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000008886b313bd01a22d576e414011a4f0a897514329f86d4585fa0ea17068f8af349696da4a2b37828931cf6a369db22b556a8e24310ca52ec51bc23d8c73e6410eb41ca6748e0b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515e34ac8c454a30dd54a580abcf2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55a0016ff1ec9da9ccc1191c2116322020c66d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d58633d97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575e2449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4ab22052b9467d0da116ccc1652d861a420f08baf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cfe0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c863907079cbafe80d01f8a0000000000024589ec3f88e6e99bf1d4373f24d760da4d35e6658f54190e4ce3f5ae00b44b71e299d3f6c892d9abbafbc531d68a84b4688b282bf99dd29c2c037be31b0e7d320a941fb000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRESDEC, @ANYRESHEX, @ANYRESHEX, @ANYRES64, @ANYRES16, @ANYRESOCT], 0x1, 0x5549, &(0x7f0000003d80)="$eJzs3EtvG9UXAPA7TpP++/xHiAW7jlQhJVJt1elDsAvQiodIFfFYsALHdiy3tieKHSeEDRIsEQu+CQKJFUs+AwvW7BALEDskkOeOKaE8WtmJk/b3k8Zn5s74zLkjK9GZsRyAJ9Zi+stPSbgYzoQQ5kII55OQryfFkluN4ZkQwqUQQulPS1KM/zGwEEI4G0K4OEoecybFrs+uDC/f+PG1n7/+9vSpc59/9d3sZg3M2rMhhO5WXN/txpi1YrxbjNeG7Tx2rw+LGHd07xXbWYy7zY08w25tfFwtj9da8fhsa6c/ipudWn0UW+3NfHyrF0/YH7bGefI33K1t59uN5kYe2/0sj639WNfefvzbtt8fxDyNIt/7efowGIxjHG/uNeN8tu7lsd4bFOMxb9Zo7o3isIjF6UI96zTyOjYmudLH2+vt3s5eOmxu99tZL71RqT5Xqd4sV7ezRnPQvF6udRs3r6dLrc7osPKgWeuutrKs1WlW6ll3OV1q1evlajVdutXcaNd6abVauVa5Wr6xXKxdSV++83baaaRLo/hiu7ez0O70081sO43vWE5XKteeX04vV9M319bT9Tdu315bf+vdW+/ceWHt1ZeKgx4oK11aubqyUq5eLa9Ul4/B/Ef/dx9y/oNJ5v9xUfQjzD+Z7PLAv3v0D9gHC4dSCMDJ8UD/H/T/wOE76f1/mGb/P2qp9P//3f+WJu//J+p/j2v/f4LnDxNxgwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4In1/fwXr+Qri3H7XDF+oRh6qthOQgilEMJvf2MuLBzIOVfkmf+H4+f/UsM3ScgzjM5xuljOhhBWi+XX/x/2VQAAAIDH15cfXvo0duvxZXHWBXGU4k2b0vn3ppQvCSHML/4wpWyl0cvTU0qWf75Phb0pZctvYP1vSsniLbdT08r2UObG4aML9wfzCSUxlI60HAAA4EjMHQhH24UAAABwlD6ZdQHMRhLGjzLHz4Lzb97ff7R55sA+AAAA4ARKZl0AAAAAcOjy/t/v/wEAAMDjLf7+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzt3cJg6EYQD+bDA/+6NFq71vK3uDMraEPe4xUECaoATSQhqgBnJLCRFE2CMkRyCBsGOBnkfymLHR6xnw5RtLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2vRSrGZPD78fr83Z7q7TzGwAAACAYzbFalZ+mFT9r+n493ToZ+pnEZFHxLHavReDWmYv5RQnvl98GMNzRJmwv8YwbV8i4k/a3n60/SsAAADA/VovltOqWq+aSdcD4jNVizb5t78N5WURUUxeG0rL982vhsLK+7sf/xtKKxewRg2FVUtu/ePnBueGjC+6ZK+2SzMZzcs/sezlF8UBAAA3oV4JnKhCAAAAuAP/uh4A3cgOzeE547DapQeC41oPAAAAuEFZ1wMAAAAAWlfW/97/BwAAAPetev8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbdoUq9l6sZyeOj8/M2e7u05zMwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Z3/ebQCEwRgMmjd0KPsPizwBZZq76tNvpQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwK81ydLYGm+SvdfG0fNIcnZqXJ0ad+fG0wdj9icAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC/63S//J6bGmWTutLF0PJKsXTW2rhp7DxpHD8bbvwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYuX/eOIooAODv9m4vfwBhDHJhQEGigIbYl5CQEgqQRcFHQLKcczBcCCQuSGSB3ECFXKdBUCKEBDJdvkPqWEoTuhQujEQN2r1dZ5MYfFjH7sX+/aTZeXsezbzZO1l+3rUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABK2+/ES0kRt7PD1DAuX7uzs7aU9VuP9JlbG3dns5bFrf0W+ubt8Sc/2V6unpyaqZx8VX8yAAAAHA3tsr6PiHvp5kLWJ1N5/Z+WY7Ka//tnhnFZzz9a92/trB0vvjRb1v+//Xr/hd2FpobrZJMurwz684+n0vmftjjxnt13RCe/8vnvXtr5G5K8v/78dppfz9a3t2+/283DY3VkCwAcxOmyL4Ly56Gs7zWZGABHRqdSeJf1f3uq2ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6rC9Hk+VcSsiZjsP4szWztrSXv2tjbuzZTt/8+ZGdc5sijQillcG/bTGvUy6a9dvfLI4GPSvjhIk/2XwvsGpiBjrhAcJPhxhTMS/jyk+ntHcLv45aE1GGo0GSfH+TEo+4wzKz974Z27oGxIAAIdWWrSsrr+Xbi5kr7WmI/764eH6/7VKHCPW//c/On+nula1/u/VtsPJN7d6+bO5a9dvvLFyefFS/1L/0zfP9N7qnb1w7tyFuexazc8tR9KfbzpNAAAAnmDdolXr/2T68fv/JytxjFj/f/5d78vqWm31/54e3PRrOhMAAICjqLsbPffKn3+09hjR6nbji8XV1au94XH3/MzwWGu6B3SsaNX6vz3ddFYAAABAHbbXWw/d/79YiWPE+/9P//jiz9U52xFxIuJKRPRPL10ZXKxvOxOtjj9UzhfqNr1TAAAAmnKiaNX7/2n+/H+y+8hDEhGvvzqMy/91NUr9337v65+qa1Wf/z9b3xYnUjIzvB55PxPRmWk6IwAAAA6z40XLiv3f082Fj385+UHX8/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdfs7AAD//5X/Nho=") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) mkdir(&(0x7f00000002c0)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 2.317513942s ago: executing program 1: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 2.232170465s ago: executing program 1: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000006d02420e60f0098dee2010203010902120001000000000904"], 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair(0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) syz_usb_control_io$hid(r0, 0x0, 0x0) 2.148786788s ago: executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$int_in(r2, 0x5452, &(0x7f0000000040)=0xfffffffffffffff8) dup2(r1, r2) 2.07369205s ago: executing program 0: process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) r0 = getpid() r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) inotify_init1(0x0) syz_mount_image$f2fs(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2008418, &(0x7f0000000b40)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45aca9836c319f437199ff24212c651baef614d442ae89412ad3dcd0b7586d02fe296d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1e73fa85bae63db763c51fc02936b3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c500000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2680b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2100931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000008886b313bd01a22d576e414011a4f0a897514329f86d4585fa0ea17068f8af349696da4a2b37828931cf6a369db22b556a8e24310ca52ec51bc23d8c73e6410eb41ca6748e0b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515e34ac8c454a30dd54a580abcf2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55a0016ff1ec9da9ccc1191c2116322020c66d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d58633d97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575e2449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4ab22052b9467d0da116ccc1652d861a420f08baf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cfe0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c863907079cbafe80d01f8a0000000000024589ec3f88e6e99bf1d4373f24d760da4d35e6658f54190e4ce3f5ae00b44b71e299d3f6c892d9abbafbc531d68a84b4688b282bf99dd29c2c037be31b0e7d320a941fb000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRESDEC, @ANYRESHEX, @ANYRESHEX, @ANYRES64, @ANYRES16, @ANYRESOCT], 0x1, 0x5549, &(0x7f0000003d80)="$eJzs3EtvG9UXAPA7TpP++/xHiAW7jlQhJVJt1elDsAvQiodIFfFYsALHdiy3tieKHSeEDRIsEQu+CQKJFUs+AwvW7BALEDskkOeOKaE8WtmJk/b3k8Zn5s74zLkjK9GZsRyAJ9Zi+stPSbgYzoQQ5kII55OQryfFkluN4ZkQwqUQQulPS1KM/zGwEEI4G0K4OEoecybFrs+uDC/f+PG1n7/+9vSpc59/9d3sZg3M2rMhhO5WXN/txpi1YrxbjNeG7Tx2rw+LGHd07xXbWYy7zY08w25tfFwtj9da8fhsa6c/ipudWn0UW+3NfHyrF0/YH7bGefI33K1t59uN5kYe2/0sj639WNfefvzbtt8fxDyNIt/7efowGIxjHG/uNeN8tu7lsd4bFOMxb9Zo7o3isIjF6UI96zTyOjYmudLH2+vt3s5eOmxu99tZL71RqT5Xqd4sV7ezRnPQvF6udRs3r6dLrc7osPKgWeuutrKs1WlW6ll3OV1q1evlajVdutXcaNd6abVauVa5Wr6xXKxdSV++83baaaRLo/hiu7ez0O70081sO43vWE5XKteeX04vV9M319bT9Tdu315bf+vdW+/ceWHt1ZeKgx4oK11aubqyUq5eLa9Ul4/B/Ef/dx9y/oNJ5v9xUfQjzD+Z7PLAv3v0D9gHC4dSCMDJ8UD/H/T/wOE76f1/mGb/P2qp9P//3f+WJu//J+p/j2v/f4LnDxNxgwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4In1/fwXr+Qri3H7XDF+oRh6qthOQgilEMJvf2MuLBzIOVfkmf+H4+f/UsM3ScgzjM5xuljOhhBWi+XX/x/2VQAAAIDH15cfXvo0duvxZXHWBXGU4k2b0vn3ppQvCSHML/4wpWyl0cvTU0qWf75Phb0pZctvYP1vSsniLbdT08r2UObG4aML9wfzCSUxlI60HAAA4EjMHQhH24UAAABwlD6ZdQHMRhLGjzLHz4Lzb97ff7R55sA+AAAA4ARKZl0AAAAAcOjy/t/v/wEAAMDjLf7+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzt3cJg6EYQD+bDA/+6NFq71vK3uDMraEPe4xUECaoATSQhqgBnJLCRFE2CMkRyCBsGOBnkfymLHR6xnw5RtLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2vRSrGZPD78fr83Z7q7TzGwAAACAYzbFalZ+mFT9r+n493ToZ+pnEZFHxLHavReDWmYv5RQnvl98GMNzRJmwv8YwbV8i4k/a3n60/SsAAADA/VovltOqWq+aSdcD4jNVizb5t78N5WURUUxeG0rL982vhsLK+7sf/xtKKxewRg2FVUtu/ePnBueGjC+6ZK+2SzMZzcs/sezlF8UBAAA3oV4JnKhCAAAAuAP/uh4A3cgOzeE547DapQeC41oPAAAAuEFZ1wMAAAAAWlfW/97/BwAAAPetev8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbdoUq9l6sZyeOj8/M2e7u05zMwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Z3/ebQCEwRgMmjd0KPsPizwBZZq76tNvpQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwK81ydLYGm+SvdfG0fNIcnZqXJ0ad+fG0wdj9icAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC/63S//J6bGmWTutLF0PJKsXTW2rhp7DxpHD8bbvwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYuX/eOIooAODv9m4vfwBhDHJhQEGigIbYl5CQEgqQRcFHQLKcczBcCCQuSGSB3ECFXKdBUCKEBDJdvkPqWEoTuhQujEQN2r1dZ5MYfFjH7sX+/aTZeXsezbzZO1l+3rUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABK2+/ES0kRt7PD1DAuX7uzs7aU9VuP9JlbG3dns5bFrf0W+ubt8Sc/2V6unpyaqZx8VX8yAAAAHA3tsr6PiHvp5kLWJ1N5/Z+WY7Ka//tnhnFZzz9a92/trB0vvjRb1v+//Xr/hd2FpobrZJMurwz684+n0vmftjjxnt13RCe/8vnvXtr5G5K8v/78dppfz9a3t2+/283DY3VkCwAcxOmyL4Ly56Gs7zWZGABHRqdSeJf1f3uq2ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6rC9Hk+VcSsiZjsP4szWztrSXv2tjbuzZTt/8+ZGdc5sijQillcG/bTGvUy6a9dvfLI4GPSvjhIk/2XwvsGpiBjrhAcJPhxhTMS/jyk+ntHcLv45aE1GGo0GSfH+TEo+4wzKz974Z27oGxIAAIdWWrSsrr+Xbi5kr7WmI/764eH6/7VKHCPW//c/On+nula1/u/VtsPJN7d6+bO5a9dvvLFyefFS/1L/0zfP9N7qnb1w7tyFuexazc8tR9KfbzpNAAAAnmDdolXr/2T68fv/JytxjFj/f/5d78vqWm31/54e3PRrOhMAAICjqLsbPffKn3+09hjR6nbji8XV1au94XH3/MzwWGu6B3SsaNX6vz3ddFYAAABAHbbXWw/d/79YiWPE+/9P//jiz9U52xFxIuJKRPRPL10ZXKxvOxOtjj9UzhfqNr1TAAAAmnKiaNX7/2n+/H+y+8hDEhGvvzqMy/91NUr9337v65+qa1Wf/z9b3xYnUjIzvB55PxPRmWk6IwAAAA6z40XLiv3f082Fj385+UHX8/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdfs7AAD//5X/Nho=") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) mkdir(&(0x7f00000002c0)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 1.424825029s ago: executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000069000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_da_write_pages\x00', r1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_da_write_pages\x00'}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_pid(r2, &(0x7f0000000080)=0xffffffffffffffff, 0x12) 1.402246293s ago: executing program 2: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x8, 0x8, 0x6, 0x0, 0x1}, 0x48) r1 = socket(0x2, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000002040), &(0x7f0000000100)=@tcp6=r1}, 0x20) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0) 1.262180225s ago: executing program 3: process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) r0 = getpid() r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) inotify_init1(0x0) syz_mount_image$f2fs(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2008418, &(0x7f0000000b40)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45aca9836c319f437199ff24212c651baef614d442ae89412ad3dcd0b7586d02fe296d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1e73fa85bae63db763c51fc02936b3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c500000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2680b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2100931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000008886b313bd01a22d576e414011a4f0a897514329f86d4585fa0ea17068f8af349696da4a2b37828931cf6a369db22b556a8e24310ca52ec51bc23d8c73e6410eb41ca6748e0b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515e34ac8c454a30dd54a580abcf2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55a0016ff1ec9da9ccc1191c2116322020c66d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d58633d97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575e2449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4ab22052b9467d0da116ccc1652d861a420f08baf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cfe0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c863907079cbafe80d01f8a0000000000024589ec3f88e6e99bf1d4373f24d760da4d35e6658f54190e4ce3f5ae00b44b71e299d3f6c892d9abbafbc531d68a84b4688b282bf99dd29c2c037be31b0e7d320a941fb000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRESDEC, @ANYRESHEX, @ANYRESHEX, @ANYRES64, @ANYRES16, @ANYRESOCT], 0x1, 0x5549, &(0x7f0000003d80)="$eJzs3EtvG9UXAPA7TpP++/xHiAW7jlQhJVJt1elDsAvQiodIFfFYsALHdiy3tieKHSeEDRIsEQu+CQKJFUs+AwvW7BALEDskkOeOKaE8WtmJk/b3k8Zn5s74zLkjK9GZsRyAJ9Zi+stPSbgYzoQQ5kII55OQryfFkluN4ZkQwqUQQulPS1KM/zGwEEI4G0K4OEoecybFrs+uDC/f+PG1n7/+9vSpc59/9d3sZg3M2rMhhO5WXN/txpi1YrxbjNeG7Tx2rw+LGHd07xXbWYy7zY08w25tfFwtj9da8fhsa6c/ipudWn0UW+3NfHyrF0/YH7bGefI33K1t59uN5kYe2/0sj639WNfefvzbtt8fxDyNIt/7efowGIxjHG/uNeN8tu7lsd4bFOMxb9Zo7o3isIjF6UI96zTyOjYmudLH2+vt3s5eOmxu99tZL71RqT5Xqd4sV7ezRnPQvF6udRs3r6dLrc7osPKgWeuutrKs1WlW6ll3OV1q1evlajVdutXcaNd6abVauVa5Wr6xXKxdSV++83baaaRLo/hiu7ez0O70081sO43vWE5XKteeX04vV9M319bT9Tdu315bf+vdW+/ceWHt1ZeKgx4oK11aubqyUq5eLa9Ul4/B/Ef/dx9y/oNJ5v9xUfQjzD+Z7PLAv3v0D9gHC4dSCMDJ8UD/H/T/wOE76f1/mGb/P2qp9P//3f+WJu//J+p/j2v/f4LnDxNxgwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4In1/fwXr+Qri3H7XDF+oRh6qthOQgilEMJvf2MuLBzIOVfkmf+H4+f/UsM3ScgzjM5xuljOhhBWi+XX/x/2VQAAAIDH15cfXvo0duvxZXHWBXGU4k2b0vn3ppQvCSHML/4wpWyl0cvTU0qWf75Phb0pZctvYP1vSsniLbdT08r2UObG4aML9wfzCSUxlI60HAAA4EjMHQhH24UAAABwlD6ZdQHMRhLGjzLHz4Lzb97ff7R55sA+AAAA4ARKZl0AAAAAcOjy/t/v/wEAAMDjLf7+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzt3cJg6EYQD+bDA/+6NFq71vK3uDMraEPe4xUECaoATSQhqgBnJLCRFE2CMkRyCBsGOBnkfymLHR6xnw5RtLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2vRSrGZPD78fr83Z7q7TzGwAAACAYzbFalZ+mFT9r+n493ToZ+pnEZFHxLHavReDWmYv5RQnvl98GMNzRJmwv8YwbV8i4k/a3n60/SsAAADA/VovltOqWq+aSdcD4jNVizb5t78N5WURUUxeG0rL982vhsLK+7sf/xtKKxewRg2FVUtu/ePnBueGjC+6ZK+2SzMZzcs/sezlF8UBAAA3oV4JnKhCAAAAuAP/uh4A3cgOzeE547DapQeC41oPAAAAuEFZ1wMAAAAAWlfW/97/BwAAAPetev8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbdoUq9l6sZyeOj8/M2e7u05zMwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Z3/ebQCEwRgMmjd0KPsPizwBZZq76tNvpQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwK81ydLYGm+SvdfG0fNIcnZqXJ0ad+fG0wdj9icAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC/63S//J6bGmWTutLF0PJKsXTW2rhp7DxpHD8bbvwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYuX/eOIooAODv9m4vfwBhDHJhQEGigIbYl5CQEgqQRcFHQLKcczBcCCQuSGSB3ECFXKdBUCKEBDJdvkPqWEoTuhQujEQN2r1dZ5MYfFjH7sX+/aTZeXsezbzZO1l+3rUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABK2+/ES0kRt7PD1DAuX7uzs7aU9VuP9JlbG3dns5bFrf0W+ubt8Sc/2V6unpyaqZx8VX8yAAAAHA3tsr6PiHvp5kLWJ1N5/Z+WY7Ka//tnhnFZzz9a92/trB0vvjRb1v+//Xr/hd2FpobrZJMurwz684+n0vmftjjxnt13RCe/8vnvXtr5G5K8v/78dppfz9a3t2+/283DY3VkCwAcxOmyL4Ly56Gs7zWZGABHRqdSeJf1f3uq2ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6rC9Hk+VcSsiZjsP4szWztrSXv2tjbuzZTt/8+ZGdc5sijQillcG/bTGvUy6a9dvfLI4GPSvjhIk/2XwvsGpiBjrhAcJPhxhTMS/jyk+ntHcLv45aE1GGo0GSfH+TEo+4wzKz974Z27oGxIAAIdWWrSsrr+Xbi5kr7WmI/764eH6/7VKHCPW//c/On+nula1/u/VtsPJN7d6+bO5a9dvvLFyefFS/1L/0zfP9N7qnb1w7tyFuexazc8tR9KfbzpNAAAAnmDdolXr/2T68fv/JytxjFj/f/5d78vqWm31/54e3PRrOhMAAICjqLsbPffKn3+09hjR6nbji8XV1au94XH3/MzwWGu6B3SsaNX6vz3ddFYAAABAHbbXWw/d/79YiWPE+/9P//jiz9U52xFxIuJKRPRPL10ZXKxvOxOtjj9UzhfqNr1TAAAAmnKiaNX7/2n+/H+y+8hDEhGvvzqMy/91NUr9337v65+qa1Wf/z9b3xYnUjIzvB55PxPRmWk6IwAAAA6z40XLiv3f082Fj385+UHX8/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdfs7AAD//5X/Nho=") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) mkdir(&(0x7f00000002c0)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 1.213745533s ago: executing program 2: bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000b00)={0xb, {{0xa, 0x0, 0x0, @mcast2}}, 0x1, 0x2, [{{0xa, 0x0, 0x0, @local}}, {{0xa, 0x0, 0x0, @remote}}]}, 0x190) syz_emit_ethernet(0x46, &(0x7f0000000cc0)={@link_local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0x0, @remote, @mcast2, {[], @ndisc_ra}}}}}, 0x0) 1.134186715s ago: executing program 0: socket$packet(0x11, 0x3, 0x300) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x3a, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000004c0), 0x32d, 0x20008090) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000380)='./file0\x00', 0x10cb0, 0x0, 0xfc, 0x0, &(0x7f0000000000)) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000040)={'gre0\x00', &(0x7f0000000800)}) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000540)={0x3, &(0x7f0000000500)=[{0x0, 0x0, 0x7, 0x1f}, {0x4, 0x0, 0x3, 0x3}, {0x20, 0x7, 0x7d}]}, 0x10) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001900010026bd760000000000fc010000000000000000000000080000ac1414bb0000000000000000000000000000000000000000020010"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="8801000014"], 0x188}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x8923, &(0x7f0000000680)={'syztnl2\x00', &(0x7f00000002c0)}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) ptrace$cont(0x9, r5, 0x6, 0x80020) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000980)=ANY=[@ANYBLOB="180000000000000000000000000002009500000000000000de3a5c5b7db6d340ac7e76ab27be3478ab00003c4bfca8b68f0ef4c3305a511b19a76958e9b7e970ebb213f67df9083207c87e1c212cd64da2b6b8c070f60d744c0bfe81c753e78c00bcca761ad3e4d95a3cd12cd2531de1d789d33a94267c725acf2c32377781d5b032197a7924e79d3165c5f63aee1a6604610d59fa089234349d9c53008382c166482a1e561f73ad9c530fe0c29f9ab6faba5b0213e9653b93fdbfbec09511d102b3b42ccc4006445d395418a87288c7c0a181f8f9f892d9d4fc7d30db9e51afe8e6fd7863062ce3aac3404f02392e0d8772582b4ca007eb08f0c0f4e8b8770d8f2ed60f049cdad9fa2dc3adda1ea29f3c8f6ff2fc7477767f0c14ca4afa19494db0f499160bc332647a809d56711544eef166a9a089"], &(0x7f00000000c0)='GPL\x00', 0x6}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder1\x00', 0x800, 0x0) r8 = dup3(0xffffffffffffffff, r7, 0x80000) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000004c0)={'gre0\x00', &(0x7f0000000580)}) ioctl$TUNSETIFINDEX(r8, 0x400454da, &(0x7f0000000400)) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=@newlinkprop={0x40, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_NET_NS_PID={0x8}, @IFLA_OPERSTATE]}, 0x77}}, 0x0) 1.052193327s ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) open(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600b35, 0x15) 163.710984ms ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 141.419158ms ago: executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) 88.525606ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) unshare(0x0) syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff080047000030000000000006907800000000e00000018608ffffffff0002"], 0x0) syz_usb_connect(0x0, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000e518a708ac0501859d200000690109022f00010000000009040000000e010000152403"], 0x0) 42.167613ms ago: executing program 0: socket$packet(0x11, 0x3, 0x300) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x3a, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000004c0), 0x32d, 0x20008090) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000380)='./file0\x00', 0x10cb0, 0x0, 0xfc, 0x0, &(0x7f0000000000)) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000040)={'gre0\x00', &(0x7f0000000800)}) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000540)={0x3, &(0x7f0000000500)=[{0x0, 0x0, 0x7, 0x1f}, {0x4, 0x0, 0x3, 0x3}, {0x20, 0x7, 0x7d}]}, 0x10) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001900010026bd760000000000fc010000000000000000000000080000ac1414bb0000000000000000000000000000000000000000020010"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="8801000014"], 0x188}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x8923, &(0x7f0000000680)={'syztnl2\x00', &(0x7f00000002c0)}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) ptrace$cont(0x9, r5, 0x6, 0x80020) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000980)=ANY=[@ANYBLOB="180000000000000000000000000002009500000000000000de3a5c5b7db6d340ac7e76ab27be3478ab00003c4bfca8b68f0ef4c3305a511b19a76958e9b7e970ebb213f67df9083207c87e1c212cd64da2b6b8c070f60d744c0bfe81c753e78c00bcca761ad3e4d95a3cd12cd2531de1d789d33a94267c725acf2c32377781d5b032197a7924e79d3165c5f63aee1a6604610d59fa089234349d9c53008382c166482a1e561f73ad9c530fe0c29f9ab6faba5b0213e9653b93fdbfbec09511d102b3b42ccc4006445d395418a87288c7c0a181f8f9f892d9d4fc7d30db9e51afe8e6fd7863062ce3aac3404f02392e0d8772582b4ca007eb08f0c0f4e8b8770d8f2ed60f049cdad9fa2dc3adda1ea29f3c8f6ff2fc7477767f0c14ca4afa19494db0f499160bc332647a809d56711544eef166a9a089"], &(0x7f00000000c0)='GPL\x00', 0x6}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder1\x00', 0x800, 0x0) r8 = dup3(0xffffffffffffffff, r7, 0x80000) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000004c0)={'gre0\x00', &(0x7f0000000580)}) ioctl$TUNSETIFINDEX(r8, 0x400454da, &(0x7f0000000400)) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=@newlinkprop={0x40, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_NET_NS_PID={0x8}, @IFLA_OPERSTATE]}, 0x77}}, 0x0) 0s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) kernel console output (not intermixed with test programs): (NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 965.999146][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 966.010638][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 966.019030][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 966.030927][T19042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 966.038665][T22313] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 966.047834][T19042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 966.055344][T22313] usb 1-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35 [ 966.064045][T22313] usb 1-1: Product: syz [ 966.065073][ T437] device veth0_vlan entered promiscuous mode [ 966.068128][T22313] usb 1-1: Manufacturer: syz [ 966.078557][T22313] usb 1-1: SerialNumber: syz [ 966.083605][T22313] usb 1-1: config 0 descriptor?? [ 966.088652][T19042] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 966.096340][T19042] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 966.112509][ T437] device veth1_macvtap entered promiscuous mode [ 966.119005][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 966.127094][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 966.135163][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 966.147327][T11750] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 966.155325][T11750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 966.164510][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 966.172838][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 966.346409][ T431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 966.354612][ T431] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 966.363122][ T431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 966.371404][ T431] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 966.380296][T11750] usb 1-1: USB disconnect, device number 91 [ 966.548621][ T465] syz-executor.3[465] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 966.548677][ T465] syz-executor.3[465] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 966.856281][T11750] usb 2-1: new high-speed USB device number 105 using dummy_hcd [ 967.106217][T11750] usb 2-1: Using ep0 maxpacket: 16 [ 967.226266][T11750] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 967.234179][T11750] usb 2-1: config 0 has no interface number 0 [ 967.269585][ T497] bridge0: port 1(bridge_slave_0) entered blocking state [ 967.276507][ T497] bridge0: port 1(bridge_slave_0) entered disabled state [ 967.283598][ T497] device bridge_slave_0 entered promiscuous mode [ 967.290607][ T497] bridge0: port 2(bridge_slave_1) entered blocking state [ 967.297751][ T497] bridge0: port 2(bridge_slave_1) entered disabled state [ 967.305287][ T497] device bridge_slave_1 entered promiscuous mode [ 967.358919][ T497] bridge0: port 2(bridge_slave_1) entered blocking state [ 967.365778][ T497] bridge0: port 2(bridge_slave_1) entered forwarding state [ 967.372904][ T497] bridge0: port 1(bridge_slave_0) entered blocking state [ 967.379679][ T497] bridge0: port 1(bridge_slave_0) entered forwarding state [ 967.409340][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 967.418218][T27921] bridge0: port 1(bridge_slave_0) entered disabled state [ 967.425719][T27921] bridge0: port 2(bridge_slave_1) entered disabled state [ 967.426343][T11750] usb 2-1: New USB device found, idVendor=22b7, idProduct=150d, bcdDevice=27.77 [ 967.441518][T11750] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 967.449347][T11750] usb 2-1: Product: syz [ 967.453322][T11750] usb 2-1: Manufacturer: syz [ 967.458488][T11750] usb 2-1: SerialNumber: syz [ 967.465795][T11750] usb 2-1: config 0 descriptor?? [ 967.471156][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 967.479498][T27921] bridge0: port 1(bridge_slave_0) entered blocking state [ 967.486376][T27921] bridge0: port 1(bridge_slave_0) entered forwarding state [ 967.494135][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 967.502214][T27921] bridge0: port 2(bridge_slave_1) entered blocking state [ 967.507126][T11750] ftdi_sio 2-1:0.1: FTDI USB Serial Device converter detected [ 967.509082][T27921] bridge0: port 2(bridge_slave_1) entered forwarding state [ 967.516668][T11750] ftdi_sio ttyUSB0: unknown device type: 0x2777 [ 967.532647][T22313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 967.540382][T22313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 967.554086][ T497] device veth0_vlan entered promiscuous mode [ 967.560589][T22313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 967.569169][T22313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 967.577090][T22313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 967.584419][T22313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 967.597911][T11750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 967.606834][ T497] device veth1_macvtap entered promiscuous mode [ 967.618282][T22313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 967.629113][T22313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 967.718054][ T307] usb 2-1: USB disconnect, device number 105 [ 967.724243][ T307] ftdi_sio 2-1:0.1: device disconnected [ 967.828319][ T516] loop0: detected capacity change from 0 to 256 [ 967.867180][T30674] device bridge_slave_1 left promiscuous mode [ 967.873132][T30674] bridge0: port 2(bridge_slave_1) entered disabled state [ 967.880658][T30674] device bridge_slave_0 left promiscuous mode [ 967.886814][T30674] bridge0: port 1(bridge_slave_0) entered disabled state [ 967.894815][T30674] device veth1_macvtap left promiscuous mode [ 967.900909][T30674] device veth0_vlan left promiscuous mode [ 967.906531][ T516] loop0: detected capacity change from 256 to 96 [ 967.914021][ T516] exFAT-fs (loop0): error, failed to bmap (inode : ffff8881366700d0 iblock : 16, err : -5) [ 967.923966][ T516] exFAT-fs (loop0): Filesystem has been set read-only [ 967.931858][ T516] exFAT-fs (loop0): error, failed to access to FAT (entry 0x00000005, err:-5) [ 967.944440][T30967] exFAT-fs (loop0): error, failed to access to FAT (entry 0x00000005, err:-5) [ 968.016417][T22313] usb 5-1: new high-speed USB device number 81 using dummy_hcd [ 968.266379][T22313] usb 5-1: Using ep0 maxpacket: 8 [ 968.334439][ T525] bridge0: port 1(bridge_slave_0) entered blocking state [ 968.341401][ T525] bridge0: port 1(bridge_slave_0) entered disabled state [ 968.348813][ T525] device bridge_slave_0 entered promiscuous mode [ 968.355712][ T525] bridge0: port 2(bridge_slave_1) entered blocking state [ 968.363009][ T525] bridge0: port 2(bridge_slave_1) entered disabled state [ 968.370477][ T525] device bridge_slave_1 entered promiscuous mode [ 968.386396][T22313] usb 5-1: config 0 has an invalid interface number: 52 but max is 0 [ 968.396572][T22313] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 968.409264][T22313] usb 5-1: config 0 has no interface number 0 [ 968.431050][T22313] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 968.450161][T22313] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 968.475861][T22313] usb 5-1: config 0 interface 52 has no altsetting 0 [ 968.502093][ T525] bridge0: port 2(bridge_slave_1) entered blocking state [ 968.508995][ T525] bridge0: port 2(bridge_slave_1) entered forwarding state [ 968.516055][ T525] bridge0: port 1(bridge_slave_0) entered blocking state [ 968.522868][ T525] bridge0: port 1(bridge_slave_0) entered forwarding state [ 968.553250][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 968.561621][T27921] bridge0: port 1(bridge_slave_0) entered disabled state [ 968.570187][T27921] bridge0: port 2(bridge_slave_1) entered disabled state [ 968.589287][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 968.597920][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 968.604804][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 968.612090][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 968.620336][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 968.627212][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 968.635558][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 968.643351][T19042] usb 2-1: new high-speed USB device number 106 using dummy_hcd [ 968.663408][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 968.678336][ T525] device veth0_vlan entered promiscuous mode [ 968.686814][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 968.694768][T22313] usb 5-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 968.705027][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 968.713237][T22313] usb 5-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35 [ 968.722376][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 968.729701][T22313] usb 5-1: Product: syz [ 968.733813][T22313] usb 5-1: Manufacturer: syz [ 968.739032][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 968.747216][T22313] usb 5-1: SerialNumber: syz [ 968.752988][T22313] usb 5-1: config 0 descriptor?? [ 968.770328][ T525] device veth1_macvtap entered promiscuous mode [ 968.777380][T11750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 968.791230][T11750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 968.810293][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 968.822760][ T530] loop2: detected capacity change from 0 to 512 [ 968.841194][ T530] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 968.856829][ T530] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 968.866965][ T530] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 968.877138][ T530] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 968.884863][ T530] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e118, mo2=0000] [ 968.892924][ T530] EXT4-fs (loop2): orphan cleanup on readonly fs [ 968.899733][ T530] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 34: padding at end of block bitmap is not set [ 968.914914][ T530] Quota error (device loop2): write_blk: dquota write failed [ 968.922267][ T530] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 968.933094][ T530] EXT4-fs (loop2): 1 truncate cleaned up [ 968.939235][ T530] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 968.985893][T30420] EXT4-fs (loop2): unmounting filesystem. [ 969.009922][ T514] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 969.018294][ T514] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 969.027583][ T514] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 969.035824][ T514] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 969.043633][T30674] device bridge_slave_1 left promiscuous mode [ 969.044566][ T60] usb 5-1: USB disconnect, device number 81 [ 969.049866][T30674] bridge0: port 2(bridge_slave_1) entered disabled state [ 969.056265][T19042] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 969.073253][T30674] device bridge_slave_0 left promiscuous mode [ 969.074653][T19042] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 969.079322][T30674] bridge0: port 1(bridge_slave_0) entered disabled state [ 969.088951][T19042] usb 2-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00 [ 969.104670][T19042] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 969.112709][T30674] device veth1_macvtap left promiscuous mode [ 969.113166][T19042] usb 2-1: config 0 descriptor?? [ 969.118632][T30674] device veth0_vlan left promiscuous mode [ 969.220810][ T539] overlayfs: upper fs does not support tmpfile. [ 969.446207][ T2128] usb 1-1: new high-speed USB device number 92 using dummy_hcd [ 969.475206][ T546] loop3: detected capacity change from 0 to 256 [ 969.516230][ T546] loop3: detected capacity change from 256 to 96 [ 969.523338][ T546] exFAT-fs (loop3): error, failed to bmap (inode : ffff8881367b8d30 iblock : 16, err : -5) [ 969.533247][ T546] exFAT-fs (loop3): Filesystem has been set read-only [ 969.540482][ T546] exFAT-fs (loop3): error, failed to access to FAT (entry 0x00000005, err:-5) [ 969.552545][ T437] exFAT-fs (loop3): error, failed to access to FAT (entry 0x00000005, err:-5) [ 969.752505][ T552] bridge0: port 1(bridge_slave_0) entered blocking state [ 969.759666][ T552] bridge0: port 1(bridge_slave_0) entered disabled state [ 969.766780][ T552] device bridge_slave_0 entered promiscuous mode [ 969.775130][ T552] bridge0: port 2(bridge_slave_1) entered blocking state [ 969.776209][T11750] usb 3-1: new high-speed USB device number 78 using dummy_hcd [ 969.782154][ T552] bridge0: port 2(bridge_slave_1) entered disabled state [ 969.796602][ T552] device bridge_slave_1 entered promiscuous mode [ 969.840392][ T552] bridge0: port 2(bridge_slave_1) entered blocking state [ 969.847251][ T552] bridge0: port 2(bridge_slave_1) entered forwarding state [ 969.854319][ T552] bridge0: port 1(bridge_slave_0) entered blocking state [ 969.861133][ T552] bridge0: port 1(bridge_slave_0) entered forwarding state [ 969.868427][ T2128] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 969.879157][ T2128] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 969.888394][T19040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 969.888744][ T2128] usb 1-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 969.896510][ T307] usb 5-1: new high-speed USB device number 82 using dummy_hcd [ 969.904994][ T2128] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 969.919849][T19040] bridge0: port 1(bridge_slave_0) entered disabled state [ 969.920359][ T2128] usb 1-1: config 0 descriptor?? [ 969.931553][T19040] bridge0: port 2(bridge_slave_1) entered disabled state [ 969.953739][ T552] device veth0_vlan entered promiscuous mode [ 969.961184][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 969.969293][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 969.978435][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 969.985645][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 969.992879][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 970.000851][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 970.007679][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 970.014842][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 970.022801][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 970.026340][T11750] usb 3-1: Using ep0 maxpacket: 16 [ 970.029633][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 970.029804][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 970.049388][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 970.063752][ T552] device veth1_macvtap entered promiscuous mode [ 970.070974][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 970.081585][T19040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 970.093032][T19040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 970.146294][T11750] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 970.154850][ T307] usb 5-1: Using ep0 maxpacket: 16 [ 970.159991][T11750] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 970.170651][T11750] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 970.180228][T19042] usbhid 2-1:0.0: can't add hid device: -71 [ 970.181650][T11750] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 970.186780][T19042] usbhid: probe of 2-1:0.0 failed with error -71 [ 970.205119][T19042] usb 2-1: USB disconnect, device number 106 [ 970.213646][ T558] serio: Serial port pts0 [ 970.276307][ T307] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 970.284884][ T562] loop3: detected capacity change from 0 to 512 [ 970.285869][ T307] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 970.301691][ T562] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 970.301859][ T307] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 970.311777][ T562] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 970.321332][T30674] device bridge_slave_1 left promiscuous mode [ 970.330855][ T562] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 970.336550][T30674] bridge0: port 2(bridge_slave_1) entered disabled state [ 970.346699][ T562] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 970.352902][ T307] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0 [ 970.360707][ T562] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e118, mo2=0000] [ 970.370060][T11750] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 970.378389][ T562] EXT4-fs (loop3): orphan cleanup on readonly fs [ 970.386713][T11750] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 970.393248][ T562] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 34: padding at end of block bitmap is not set [ 970.414999][T30674] device bridge_slave_0 left promiscuous mode [ 970.415182][ T562] Quota error (device loop3): write_blk: dquota write failed [ 970.428184][T11750] usb 3-1: Product: syz [ 970.428184][ T562] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 970.432190][T30674] bridge0: port 1(bridge_slave_0) entered disabled state [ 970.442206][ T562] EXT4-fs (loop3): 1 truncate cleaned up [ 970.448890][T11750] usb 3-1: Manufacturer: syz [ 970.461640][T30674] device veth1_macvtap left promiscuous mode [ 970.466328][ T307] usb 5-1: New USB device found, idVendor=04e6, idProduct=0007, bcdDevice= 1.75 [ 970.467633][T30674] device veth0_vlan left promiscuous mode [ 970.477470][T11750] usb 3-1: SerialNumber: syz [ 970.486369][ T307] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=5 [ 970.494090][ T307] usb 5-1: SerialNumber: syz [ 970.497459][ T2128] sony 0003:054C:0268.00C9: unknown main item tag 0x0 [ 970.505717][ T562] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 970.506518][ T2128] sony 0003:054C:0268.00C9: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.0-1/input0 [ 970.526634][ T2128] sony 0003:054C:0268.00C9: failed to claim input [ 970.546647][ T307] usb-storage 5-1:1.0: USB Mass Storage device detected [ 970.554437][ T307] usb-storage 5-1:1.0: Quirks match for vid 04e6 pid 0007: 1 [ 970.562115][ T307] scsi host1: usb-storage 5-1:1.0 [ 970.567769][ T552] EXT4-fs (loop3): unmounting filesystem. [ 970.682447][ T572] overlayfs: upper fs does not support tmpfile. [ 970.707831][T19040] usb 1-1: USB disconnect, device number 92 [ 970.750255][ T307] usb 5-1: USB disconnect, device number 82 [ 970.751909][ T574] syz-executor.3[574] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 970.756450][ T574] syz-executor.3[574] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 970.856775][T11750] usb 3-1: found format II with max.bitrate = 0, frame size=0 [ 970.878957][T11750] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 970.898344][T11750] usb 3-1: USB disconnect, device number 78 [ 971.114593][ T584] loop3: detected capacity change from 0 to 256 [ 971.210548][ T28] audit: type=1400 audit(2000000293.359:65654): avc: denied { write } for pid=582 comm="syz-executor.3" name="hwrng" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 971.396240][ T2128] usb 2-1: new high-speed USB device number 107 using dummy_hcd [ 971.521184][ T599] serio: Serial port pts0 [ 971.609522][ T605] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 971.646266][ T2128] usb 2-1: Using ep0 maxpacket: 8 [ 971.758983][ T612] syz-executor.4[612] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 971.759059][ T612] syz-executor.4[612] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 971.796548][ T2128] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 971.815925][ T2128] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 971.826054][ T2128] usb 2-1: config 0 has no interface number 0 [ 971.832079][ T2128] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 971.841815][ T2128] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 971.854614][ T2128] usb 2-1: config 0 interface 52 has no altsetting 0 [ 971.896018][ T614] device ip6_vti0 entered promiscuous mode [ 971.902118][ T614] device vlan2 entered promiscuous mode [ 971.908927][ T614] device ip6_vti0 left promiscuous mode [ 972.046272][ T2128] usb 2-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 972.055313][ T2128] usb 2-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35 [ 972.063587][ T2128] usb 2-1: Product: syz [ 972.067956][ T2128] usb 2-1: Manufacturer: syz [ 972.072425][ T2128] usb 2-1: SerialNumber: syz [ 972.077265][ T2128] usb 2-1: config 0 descriptor?? [ 972.309041][ T627] syz-executor.2[627] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 972.309095][ T627] syz-executor.2[627] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 972.320521][ T586] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 972.340168][ T586] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 972.347773][T19040] usb 5-1: new high-speed USB device number 83 using dummy_hcd [ 972.352189][ T586] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 972.363381][ T586] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 972.375170][T19034] usb 2-1: USB disconnect, device number 107 [ 972.386237][ T307] usb 4-1: new high-speed USB device number 87 using dummy_hcd [ 972.466341][ T2128] usb 1-1: new high-speed USB device number 93 using dummy_hcd [ 972.626288][ T307] usb 4-1: Using ep0 maxpacket: 16 [ 972.706305][T19040] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 972.717069][T19040] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 972.726571][T19040] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 972.735380][T19040] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 972.743763][T19040] usb 5-1: config 0 descriptor?? [ 972.756251][ T307] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 972.765736][ T307] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 972.775212][ T307] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 972.784785][ T307] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0 [ 972.866272][ T307] usb 4-1: New USB device found, idVendor=04e6, idProduct=0007, bcdDevice= 1.75 [ 972.875155][ T307] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=5 [ 972.876292][ T2128] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 972.883022][ T307] usb 4-1: SerialNumber: syz [ 972.893717][ T2128] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 972.910934][ T2128] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 972.920070][ T2128] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 972.928522][ T2128] usb 1-1: config 0 descriptor?? [ 972.936707][ T307] usb-storage 4-1:1.0: USB Mass Storage device detected [ 972.944000][ T307] usb-storage 4-1:1.0: Quirks match for vid 04e6 pid 0007: 1 [ 972.951410][ T307] scsi host1: usb-storage 4-1:1.0 [ 973.025788][ T637] input: syz1 as /devices/virtual/input/input157 [ 973.144850][T27921] usb 4-1: USB disconnect, device number 87 [ 973.226778][T19040] sony 0003:054C:0268.00CA: unknown main item tag 0x0 [ 973.234337][T19040] sony 0003:054C:0268.00CA: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.4-1/input0 [ 973.246029][T19040] sony 0003:054C:0268.00CA: failed to claim input [ 973.401615][ T646] loop2: detected capacity change from 0 to 8192 [ 973.417013][ T2128] plantronics 0003:047F:FFFF.00CB: unknown main item tag 0x0 [ 973.424468][ T2128] plantronics 0003:047F:FFFF.00CB: No inputs registered, leaving [ 973.431154][T19040] usb 5-1: USB disconnect, device number 83 [ 973.433056][ T2128] plantronics 0003:047F:FFFF.00CB: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 973.448297][ T646] loop2: p3 p4 < > [ 973.453601][ T646] loop2: p3 start 619312 is beyond EOD, truncated [ 974.159668][ T674] loop4: detected capacity change from 0 to 256 [ 974.176081][ T674] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 974.546252][T11750] usb 2-1: new high-speed USB device number 108 using dummy_hcd [ 974.786222][T11750] usb 2-1: Using ep0 maxpacket: 16 [ 974.906262][T11750] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 974.914853][T11750] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 974.925494][T11750] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 974.934948][T11750] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 975.096413][T11750] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 975.105357][T11750] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 975.113301][T11750] usb 2-1: Product: syz [ 975.117360][T11750] usb 2-1: Manufacturer: syz [ 975.121706][T11750] usb 2-1: SerialNumber: syz [ 975.186696][ T2128] usb 1-1: USB disconnect, device number 93 [ 975.376347][T27921] usb 4-1: new high-speed USB device number 88 using dummy_hcd [ 975.486375][T11750] usb 2-1: found format II with max.bitrate = 0, frame size=0 [ 975.498533][T11750] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 975.528849][T11750] usb 2-1: USB disconnect, device number 108 [ 975.583899][ T710] loop2: detected capacity change from 0 to 256 [ 975.600517][ T710] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 975.746291][T27921] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 975.757198][T27921] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 975.766924][T27921] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 975.775878][T27921] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 975.784369][T27921] usb 4-1: config 0 descriptor?? [ 975.886241][ T307] usb 5-1: new high-speed USB device number 84 using dummy_hcd [ 976.126262][ T307] usb 5-1: Using ep0 maxpacket: 8 [ 976.206492][T11750] usb 2-1: new high-speed USB device number 109 using dummy_hcd [ 976.246314][ T307] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 976.257184][ T307] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 976.266858][ T307] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 976.296909][T27921] sony 0003:054C:0268.00CC: unknown main item tag 0x0 [ 976.304703][T27921] sony 0003:054C:0268.00CC: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.3-1/input0 [ 976.316474][T27921] sony 0003:054C:0268.00CC: failed to claim input [ 976.436327][ T307] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.40 [ 976.445195][ T307] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 976.453033][ T307] usb 5-1: Product: syz [ 976.457199][ T307] usb 5-1: Manufacturer: syz [ 976.461588][ T307] usb 5-1: SerialNumber: syz [ 976.500318][ T2128] usb 4-1: USB disconnect, device number 88 [ 976.576432][T11750] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 976.587211][T11750] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 976.599948][T11750] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 976.608794][T11750] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 976.617152][T11750] usb 2-1: config 0 descriptor?? [ 976.652307][ T738] tmpfs: Unknown parameter 'h' [ 976.696281][T27921] usb 1-1: new high-speed USB device number 94 using dummy_hcd [ 976.726452][ T307] usbhid 5-1:1.0: can't add hid device: -22 [ 976.732308][ T307] usbhid: probe of 5-1:1.0 failed with error -22 [ 976.929661][ T307] usb 5-1: USB disconnect, device number 84 [ 977.096301][T27921] usb 1-1: config index 0 descriptor too short (expected 68, got 36) [ 977.097226][T11750] plantronics 0003:047F:FFFF.00CD: unknown main item tag 0x0 [ 977.104447][T27921] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 977.112234][T11750] plantronics 0003:047F:FFFF.00CD: No inputs registered, leaving [ 977.122221][T27921] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 977.131073][T11750] plantronics 0003:047F:FFFF.00CD: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 977.151444][T27921] usb 1-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 977.160491][T27921] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 977.169046][T27921] usb 1-1: config 0 descriptor?? [ 977.214907][ T748] device wireguard0 entered promiscuous mode [ 977.590011][ T755] loop3: detected capacity change from 0 to 512 [ 977.602511][ T755] EXT4-fs: Ignoring removed mblk_io_submit option [ 977.610992][ T755] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.3: inline data xattr refers to an external xattr inode [ 977.626133][ T755] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz-executor.3: couldn't read orphan inode 12 (err -117) [ 977.638415][ T755] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 977.648621][T27921] hid-rmi 0003:06CB:81A7.00CE: unknown main item tag 0x0 [ 977.657433][T27921] hid-rmi 0003:06CB:81A7.00CE: unknown main item tag 0x0 [ 977.664551][T27921] hid-rmi 0003:06CB:81A7.00CE: unknown main item tag 0x0 [ 977.671479][T27921] hid-rmi 0003:06CB:81A7.00CE: unknown main item tag 0x0 [ 977.678373][T27921] hid-rmi 0003:06CB:81A7.00CE: unknown main item tag 0x0 [ 977.685791][T27921] hid-rmi 0003:06CB:81A7.00CE: hidraw1: USB HID v0.00 Device [HID 06cb:81a7] on usb-dummy_hcd.0-1/input0 [ 977.737436][ T552] EXT4-fs (loop3): unmounting filesystem. [ 977.813864][ T28] audit: type=1326 audit(2000000299.959:65655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=761 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fad2f27cee9 code=0x0 [ 977.823801][ T764] loop3: detected capacity change from 0 to 256 [ 977.853916][ T764] FAT-fs (loop3): Directory bread(block 64) failed [ 977.855988][ T307] usb 1-1: USB disconnect, device number 94 [ 977.860332][ T764] FAT-fs (loop3): Directory bread(block 65) failed [ 977.872482][ T764] FAT-fs (loop3): Directory bread(block 66) failed [ 977.878827][ T764] FAT-fs (loop3): Directory bread(block 67) failed [ 977.885171][ T764] FAT-fs (loop3): Directory bread(block 68) failed [ 977.891603][ T764] FAT-fs (loop3): Directory bread(block 69) failed [ 977.898306][ T764] FAT-fs (loop3): Directory bread(block 70) failed [ 977.904627][ T764] FAT-fs (loop3): Directory bread(block 71) failed [ 977.911033][ T764] FAT-fs (loop3): Directory bread(block 72) failed [ 977.917308][ T764] FAT-fs (loop3): Directory bread(block 73) failed [ 977.956210][T19042] usb 3-1: new high-speed USB device number 79 using dummy_hcd [ 978.302098][ T772] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0' [ 978.336284][T19042] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 978.346986][T19042] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 978.356569][T19042] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 978.365368][T19042] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 978.379485][T19042] usb 3-1: config 0 descriptor?? [ 978.615032][ T777] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0' [ 978.629932][ T759] loop2: detected capacity change from 0 to 1024 [ 978.646558][ T759] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 978.659173][ T759] EXT4-fs (loop2): orphan cleanup on readonly fs [ 978.666690][ T759] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 10: padding at end of block bitmap is not set [ 978.681489][ T759] Quota error (device loop2): write_blk: dquota write failed [ 978.689220][ T759] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5 [ 978.698367][ T759] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 978.708831][ T759] EXT4-fs error (device loop2): ext4_free_blocks:6197: comm syz-executor.2: Freeing blocks not in datazone - block = 0, count = 4096 [ 978.722770][ T759] EXT4-fs (loop2): 1 truncate cleaned up [ 978.756417][ T759] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 978.766381][ T759] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 978.943574][T19034] usb 2-1: USB disconnect, device number 109 [ 979.096297][T19042] usbhid 3-1:0.0: can't add hid device: -71 [ 979.102129][T19042] usbhid: probe of 3-1:0.0 failed with error -71 [ 979.109200][T19042] usb 3-1: USB disconnect, device number 79 [ 979.241018][ T797] loop1: detected capacity change from 0 to 512 [ 979.256385][ T797] EXT4-fs: quotafile must be on filesystem root [ 979.526493][ T811] syz-executor.1[811] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 979.526591][ T811] syz-executor.1[811] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 979.585352][T30420] EXT4-fs (loop2): unmounting filesystem. [ 979.639770][ T817] loop3: detected capacity change from 0 to 512 [ 979.657626][ T817] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 979.671341][ T817] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 979.683947][ T817] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 979.697715][ T817] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 979.710396][ T817] EXT4-fs (loop3): 1 orphan inode deleted [ 979.716253][ T817] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 979.776473][ T552] EXT4-fs (loop3): unmounting filesystem. [ 979.931901][ T834] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0' [ 980.080171][ T838] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0' [ 980.146312][T19042] usb 5-1: new high-speed USB device number 85 using dummy_hcd [ 980.516279][T19042] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 980.537206][T19042] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 980.565579][T19042] usb 5-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 980.575400][T19042] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 980.585852][T19042] usb 5-1: config 0 descriptor?? [ 981.057577][T19042] hid-multitouch 0003:0EEF:72D0.00CF: unknown main item tag 0x0 [ 981.065094][T19042] hid-multitouch 0003:0EEF:72D0.00CF: unknown main item tag 0x0 [ 981.072677][T19042] hid-multitouch 0003:0EEF:72D0.00CF: unknown main item tag 0x0 [ 981.080406][T19042] hid-multitouch 0003:0EEF:72D0.00CF: unknown main item tag 0x0 [ 981.087893][T19042] hid-multitouch 0003:0EEF:72D0.00CF: unknown main item tag 0x0 [ 981.095841][T19042] hid-multitouch 0003:0EEF:72D0.00CF: hidraw0: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.4-1/input0 [ 981.218022][ T858] syz-executor.3[858] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 981.218083][ T858] syz-executor.3[858] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 981.261087][ T307] usb 5-1: USB disconnect, device number 85 [ 981.371877][ T863] loop2: detected capacity change from 0 to 512 [ 981.387894][ T863] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode # [ 981.401896][ T863] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117 [ 981.414605][ T863] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode # [ 981.428304][ T863] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117 [ 981.441102][ T863] EXT4-fs (loop2): 1 orphan inode deleted [ 981.446722][ T863] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 981.460391][ T866] loop3: detected capacity change from 0 to 512 [ 981.487230][ T866] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 981.500999][ T866] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 981.513595][ T866] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode # [ 981.527313][ T866] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117 [ 981.540089][ T866] EXT4-fs (loop3): 1 orphan inode deleted [ 981.545885][ T866] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 981.565180][T30420] EXT4-fs (loop2): unmounting filesystem. [ 981.609930][ T552] EXT4-fs (loop3): unmounting filesystem. [ 981.816219][T19042] usb 2-1: new high-speed USB device number 110 using dummy_hcd [ 981.926665][ T885] incfs: Options parsing error. -22 [ 981.931720][ T885] incfs: mount failed -22 [ 981.936090][ T886] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0' [ 982.076383][ T892] device pim6reg1 entered promiscuous mode [ 982.196259][T19042] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 982.206637][T19042] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 982.306434][T19042] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 982.315332][T19042] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 982.323207][T19042] usb 2-1: SerialNumber: syz [ 982.418846][ T905] device pim6reg1 entered promiscuous mode [ 982.711727][ T918] incfs: Options parsing error. -22 [ 982.716902][ T918] incfs: mount failed -22 [ 982.847409][T19034] usb 2-1: USB disconnect, device number 110 [ 983.416204][T19034] usb 1-1: new high-speed USB device number 95 using dummy_hcd [ 983.426247][ T2128] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 983.445076][ T946] incfs: Options parsing error. -22 [ 983.450315][ T946] incfs: mount failed -22 [ 983.692424][ T954] loop1: detected capacity change from 0 to 1024 [ 983.728048][ T954] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 983.776304][T19034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 983.787212][T19034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 983.788033][T30415] EXT4-fs (loop1): unmounting filesystem. [ 983.796831][T19034] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 983.796853][T19034] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 983.819490][T19034] usb 1-1: config 0 descriptor?? [ 983.826294][ T2128] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 983.837077][ T2128] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 983.846976][ T2128] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 983.855871][ T2128] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 983.864436][ T2128] usb 4-1: config 0 descriptor?? [ 983.944860][ T962] loop1: detected capacity change from 0 to 1024 [ 983.977589][ T962] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 984.022286][T30415] EXT4-fs (loop1): unmounting filesystem. [ 984.060283][ T933] loop0: detected capacity change from 0 to 1024 [ 984.093245][ T933] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 984.101772][ T933] EXT4-fs (loop0): orphan cleanup on readonly fs [ 984.109478][ T933] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 10: padding at end of block bitmap is not set [ 984.121989][ T934] loop3: detected capacity change from 0 to 1024 [ 984.124334][ T933] Quota error (device loop0): write_blk: dquota write failed [ 984.137234][ T933] Quota error (device loop0): find_free_dqentry: Can't write quota data block 5 [ 984.146094][ T933] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 984.150429][ T934] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 984.156105][ T933] EXT4-fs error (device loop0): ext4_free_blocks:6197: comm syz-executor.0: Freeing blocks not in datazone - block = 0, count = 4096 [ 984.164839][ T934] EXT4-fs (loop3): orphan cleanup on readonly fs [ 984.184018][ T933] EXT4-fs (loop0): 1 truncate cleaned up [ 984.189061][ T934] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 10: padding at end of block bitmap is not set [ 984.204112][ T934] Quota error (device loop3): write_blk: dquota write failed [ 984.211476][ T934] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5 [ 984.211713][ T933] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 984.220710][ T934] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 984.239135][ T934] EXT4-fs error (device loop3): ext4_free_blocks:6197: comm syz-executor.3: Freeing blocks not in datazone - block = 0, count = 4096 [ 984.240646][ T933] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 984.253276][ T934] EXT4-fs (loop3): 1 truncate cleaned up [ 984.272615][ T934] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 984.287932][ T934] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 984.576359][T19034] usbhid 1-1:0.0: can't add hid device: -71 [ 984.582111][T19034] usbhid: probe of 1-1:0.0 failed with error -71 [ 984.589153][T19034] usb 1-1: USB disconnect, device number 95 [ 984.616281][ T2128] usbhid 4-1:0.0: can't add hid device: -71 [ 984.622162][ T2128] usbhid: probe of 4-1:0.0 failed with error -71 [ 984.628937][ T2128] usb 4-1: USB disconnect, device number 89 [ 984.706195][T19042] usb 5-1: new high-speed USB device number 86 using dummy_hcd [ 984.781957][ T985] loop2: detected capacity change from 0 to 256 [ 984.795832][ T985] FAT-fs (loop2): Unrecognized mount option "shortname=lower&utf8=1" or missing value [ 984.826340][ T987] loop1: detected capacity change from 0 to 1024 [ 984.847751][ T987] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 984.906361][T30415] EXT4-fs (loop1): unmounting filesystem. [ 985.098161][ T525] EXT4-fs (loop0): unmounting filesystem. [ 985.106287][T19042] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 985.117400][T19042] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 985.117513][ T552] EXT4-fs (loop3): unmounting filesystem. [ 985.127323][T19042] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 985.141451][T19042] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 985.149963][T19042] usb 5-1: config 0 descriptor?? [ 985.390269][ T977] loop4: detected capacity change from 0 to 1024 [ 985.416769][ T977] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 985.431711][ T977] EXT4-fs (loop4): orphan cleanup on readonly fs [ 985.451424][ T977] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 10: padding at end of block bitmap is not set [ 985.500594][ T977] Quota error (device loop4): write_blk: dquota write failed [ 985.522840][ T977] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5 [ 985.531796][ T977] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 985.541560][ T977] EXT4-fs error (device loop4): ext4_free_blocks:6197: comm syz-executor.4: Freeing blocks not in datazone - block = 0, count = 4096 [ 985.559508][ T977] EXT4-fs (loop4): 1 truncate cleaned up [ 985.566426][ T977] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 985.585012][ T977] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 985.646208][ T2128] usb 4-1: new high-speed USB device number 90 using dummy_hcd [ 985.906294][T19042] usbhid 5-1:0.0: can't add hid device: -71 [ 985.913099][T19042] usbhid: probe of 5-1:0.0 failed with error -71 [ 985.928137][T19042] usb 5-1: USB disconnect, device number 86 [ 986.046288][ T2128] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 986.062476][ T2128] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 986.081982][ T2128] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 986.099618][ T2128] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 986.116366][ T2128] usb 4-1: config 0 descriptor?? [ 986.259595][ T1020] loop2: detected capacity change from 0 to 512 [ 986.301838][ T1020] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 986.326293][ T1020] ext4 filesystem being mounted at /root/syzkaller-testdir2726605647/syzkaller.iXncEB/258/wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038 (0x7fffffff) [ 986.371892][ T1020] EXT4-fs error (device loop2): ext4_do_update_inode:5212: inode #2: comm syz-executor.2: corrupted inode contents [ 986.386080][ T1020] EXT4-fs error (device loop2): ext4_dirty_inode:6074: inode #2: comm syz-executor.2: mark_inode_dirty error [ 986.407611][ T1020] EXT4-fs error (device loop2): ext4_do_update_inode:5212: inode #2: comm syz-executor.2: corrupted inode contents [ 986.420473][ T1020] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz-executor.2: mark_inode_dirty error [ 986.432279][ T497] EXT4-fs (loop4): unmounting filesystem. [ 986.496306][T30420] EXT4-fs (loop2): unmounting filesystem. [ 986.596520][ T2128] hid (null): bogus close delimiter [ 986.608995][ T1031] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 986.916221][ T307] usb 5-1: new high-speed USB device number 87 using dummy_hcd [ 986.956237][T19034] usb 1-1: new high-speed USB device number 96 using dummy_hcd [ 987.116301][ T2128] usb 4-1: string descriptor 0 read error: -71 [ 987.136267][ T2128] uclogic 0003:256C:006D.00D0: failed retrieving string descriptor #200: -71 [ 987.144985][ T2128] uclogic 0003:256C:006D.00D0: failed retrieving pen parameters: -71 [ 987.153062][ T2128] uclogic 0003:256C:006D.00D0: failed probing pen v2 parameters: -71 [ 987.161177][ T2128] uclogic 0003:256C:006D.00D0: failed probing parameters: -71 [ 987.168507][ T2128] uclogic: probe of 0003:256C:006D.00D0 failed with error -71 [ 987.176798][ T2128] usb 4-1: USB disconnect, device number 90 [ 987.276262][ T307] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 987.287105][ T307] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 987.296706][ T307] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 987.305499][ T307] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 987.313924][ T307] usb 5-1: config 0 descriptor?? [ 987.326289][T19034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 987.338491][T19034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 987.348065][T19034] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 987.357442][T19034] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 987.365749][T19034] usb 1-1: config 0 descriptor?? [ 987.562973][ T1034] loop4: detected capacity change from 0 to 1024 [ 987.574645][ T1034] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 987.583059][ T1034] EXT4-fs (loop4): orphan cleanup on readonly fs [ 987.590164][ T1034] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 10: padding at end of block bitmap is not set [ 987.604928][ T1034] Quota error (device loop4): write_blk: dquota write failed [ 987.619986][ T1034] EXT4-fs error (device loop4): ext4_free_blocks:6197: comm syz-executor.4: Freeing blocks not in datazone - block = 0, count = 4096 [ 987.633903][ T1036] loop0: detected capacity change from 0 to 1024 [ 987.640981][ T1034] EXT4-fs (loop4): 1 truncate cleaned up [ 987.648013][ T1034] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 987.660024][ T1034] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 987.671124][ T1036] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 987.682502][ T1036] EXT4-fs (loop0): orphan cleanup on readonly fs [ 987.693044][ T1036] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz-executor.0: bg 0: block 10: padding at end of block bitmap is not set [ 987.707986][ T1036] EXT4-fs error (device loop0): ext4_free_blocks:6197: comm syz-executor.0: Freeing blocks not in datazone - block = 0, count = 4096 [ 987.722501][ T1036] EXT4-fs (loop0): 1 truncate cleaned up [ 987.728697][ T1036] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 987.740600][ T1036] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 987.852415][ T1062] Invalid ELF header magic: != ELF [ 988.006286][ T307] usbhid 5-1:0.0: can't add hid device: -71 [ 988.012080][ T307] usbhid: probe of 5-1:0.0 failed with error -71 [ 988.036853][ T307] usb 5-1: USB disconnect, device number 87 [ 988.066252][T19034] usbhid 1-1:0.0: can't add hid device: -71 [ 988.072030][T19034] usbhid: probe of 1-1:0.0 failed with error -71 [ 988.086997][T19034] usb 1-1: USB disconnect, device number 96 [ 988.504821][ T497] EXT4-fs (loop4): unmounting filesystem. [ 988.589008][ T525] EXT4-fs (loop0): unmounting filesystem. [ 988.616212][ T917] Bluetooth: hci0: command 0x1003 tx timeout [ 988.622092][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 988.651327][ T1070] loop4: detected capacity change from 0 to 128 [ 988.666122][ T1070] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 988.690689][ T1070] syz-executor.4: attempt to access beyond end of device [ 988.690689][ T1070] loop4: rw=3, sector=6950, nr_sectors = 2 limit=128 [ 988.704969][ T1070] syz-executor.4: attempt to access beyond end of device [ 988.704969][ T1070] loop4: rw=2051, sector=6952, nr_sectors = 942 limit=128 [ 989.461177][ T28] kauditd_printk_skb: 6 callbacks suppressed [ 989.461193][ T28] audit: type=1326 audit(2000000311.609:65657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1110 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe818e7cee9 code=0x0 [ 989.558757][ T1117] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 989.850670][ T1132] syz-executor.2[1132] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 989.850718][ T1132] syz-executor.2[1132] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 990.450477][ T1152] input: syz0 as /devices/virtual/input/input158 [ 990.535977][ T1154] device gretap1 entered promiscuous mode [ 991.039802][ T1174] syz-executor.2[1174] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 991.039851][ T1174] syz-executor.2[1174] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 991.152448][ T1180] input: syz0 as /devices/virtual/input/input159 [ 991.626289][ T2128] usb 5-1: new high-speed USB device number 88 using dummy_hcd [ 991.829613][ T28] audit: type=1326 audit(2000000313.979:65658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe818e7cee9 code=0x7ffc0000 [ 991.853555][ T28] audit: type=1326 audit(2000000313.979:65659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe818e7cee9 code=0x7ffc0000 [ 991.877474][ T28] audit: type=1326 audit(2000000313.979:65660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe818e7cee9 code=0x7ffc0000 [ 991.901382][ T28] audit: type=1326 audit(2000000313.979:65661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe818e7cee9 code=0x7ffc0000 [ 991.925351][ T28] audit: type=1326 audit(2000000313.979:65662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe818e7cee9 code=0x7ffc0000 [ 991.949260][ T28] audit: type=1326 audit(2000000313.979:65663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe818e7cee9 code=0x7ffc0000 [ 991.973305][ T28] audit: type=1326 audit(2000000314.129:65664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe818e7a667 code=0x7ffc0000 [ 991.997679][ T28] audit: type=1326 audit(2000000314.129:65665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe818e40329 code=0x7ffc0000 [ 992.021533][ T28] audit: type=1326 audit(2000000314.129:65666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1212 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe818e7cee9 code=0x7ffc0000 [ 992.106306][ T2128] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 992.117314][ T2128] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 992.127213][ T2128] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 992.136123][ T2128] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 992.145126][ T2128] usb 5-1: config 0 descriptor?? [ 992.165835][ T1216] loop2: detected capacity change from 0 to 256 [ 992.189679][ T1216] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x4f8593fa, utbl_chksum : 0xe619d30d) [ 992.976324][T19034] usb 1-1: new high-speed USB device number 97 using dummy_hcd [ 993.256720][ T1192] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 993.264994][ T1192] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 993.276277][ T2128] uclogic 0003:256C:006D.00D1: failed retrieving string descriptor #200: -71 [ 993.284957][ T2128] uclogic 0003:256C:006D.00D1: failed retrieving pen parameters: -71 [ 993.292770][ T2128] uclogic 0003:256C:006D.00D1: failed probing pen v2 parameters: -71 [ 993.300712][ T2128] uclogic 0003:256C:006D.00D1: failed probing parameters: -71 [ 993.307964][ T2128] uclogic: probe of 0003:256C:006D.00D1 failed with error -71 [ 993.315812][ T2128] usb 5-1: USB disconnect, device number 88 [ 993.336235][T19034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 993.347146][T19034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 993.356834][T19034] usb 1-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 993.365763][T19034] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 993.377923][T19034] usb 1-1: config 0 descriptor?? [ 993.485318][ T1252] input: syz0 as /devices/virtual/input/input160 [ 993.652306][ T1258] loop1: detected capacity change from 0 to 512 [ 993.668060][ T1258] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 993.676931][ T1258] ext4 filesystem being mounted at /root/syzkaller-testdir259226107/syzkaller.6XEOIO/245/file0 supports timestamps until 2038 (0x7fffffff) [ 993.716986][T30415] EXT4-fs (loop1): unmounting filesystem. [ 993.857263][T19034] hid-multitouch 0003:0EEF:72D0.00D2: unknown main item tag 0x0 [ 993.864767][T19034] hid-multitouch 0003:0EEF:72D0.00D2: unknown main item tag 0x0 [ 993.873099][T19034] hid-multitouch 0003:0EEF:72D0.00D2: unknown main item tag 0x0 [ 993.880643][T19034] hid-multitouch 0003:0EEF:72D0.00D2: unknown main item tag 0x0 [ 993.888291][T19034] hid-multitouch 0003:0EEF:72D0.00D2: unknown main item tag 0x0 [ 993.896817][T19034] hid-multitouch 0003:0EEF:72D0.00D2: hidraw0: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.0-1/input0 [ 994.059725][T19034] usb 1-1: USB disconnect, device number 97 [ 994.648219][ T1302] syz-executor.2[1302] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 994.648267][ T1302] syz-executor.2[1302] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 995.196227][T11750] usb 1-1: new high-speed USB device number 98 using dummy_hcd [ 995.476334][T11750] usb 1-1: Using ep0 maxpacket: 16 [ 995.492187][ T1333] overlayfs: failed to resolve './file2': -2 [ 995.818378][ T1340] loop4: detected capacity change from 0 to 256 [ 995.832396][ T1340] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x72a6026c, utbl_chksum : 0xe619d30d) [ 995.846287][T11750] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 995.855119][T11750] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 995.865431][T11750] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 995.872184][ T1340] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000005) [ 995.875012][T11750] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 995.884274][ T1340] exFAT-fs (loop4): Filesystem has been set read-only [ 995.893513][T11750] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 995.909934][T11750] usb 1-1: config 1 interface 0 has no altsetting 0 [ 995.916516][T11750] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 995.925439][T11750] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 995.966584][T11750] ums-sddr09 1-1:1.0: USB Mass Storage device detected [ 995.970749][ T497] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000005) [ 995.982328][ T497] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000005) [ 996.186826][T11750] scsi host1: usb-storage 1-1:1.0 [ 996.293378][ T1359] loop2: detected capacity change from 0 to 256 [ 996.302441][ T1353] bridge0: port 1(bridge_slave_0) entered blocking state [ 996.309456][ T1353] bridge0: port 1(bridge_slave_0) entered disabled state [ 996.316886][ T1353] device bridge_slave_0 entered promiscuous mode [ 996.324501][ T1353] bridge0: port 2(bridge_slave_1) entered blocking state [ 996.331516][ T1353] bridge0: port 2(bridge_slave_1) entered disabled state [ 996.337191][ T1359] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x72a6026c, utbl_chksum : 0xe619d30d) [ 996.350641][ T1353] device bridge_slave_1 entered promiscuous mode [ 996.389570][ T1359] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000005) [ 996.389638][ T60] usb 1-1: USB disconnect, device number 98 [ 996.404454][ T1359] exFAT-fs (loop2): Filesystem has been set read-only [ 996.449279][T30420] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000005) [ 996.455343][ T1353] bridge0: port 2(bridge_slave_1) entered blocking state [ 996.458497][T30420] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000005) [ 996.465051][ T1353] bridge0: port 2(bridge_slave_1) entered forwarding state [ 996.481082][ T1353] bridge0: port 1(bridge_slave_0) entered blocking state [ 996.487903][ T1353] bridge0: port 1(bridge_slave_0) entered forwarding state [ 996.523122][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 996.531184][ T307] bridge0: port 1(bridge_slave_0) entered disabled state [ 996.538419][ T307] bridge0: port 2(bridge_slave_1) entered disabled state [ 996.549897][T11750] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 996.558099][T11750] bridge0: port 1(bridge_slave_0) entered blocking state [ 996.564941][T11750] bridge0: port 1(bridge_slave_0) entered forwarding state [ 996.588228][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 996.596476][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 996.605541][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 996.612429][ T307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 996.619619][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 996.627896][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 996.640811][ T1353] device veth0_vlan entered promiscuous mode [ 996.647434][T11750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 996.655140][T11750] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 996.662348][T11750] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 996.673182][ T1353] device veth1_macvtap entered promiscuous mode [ 996.680494][T11750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 996.695591][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 996.704078][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 996.766531][ T1364] loop4: detected capacity change from 0 to 256 [ 996.785650][ T1364] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x72a6026c, utbl_chksum : 0xe619d30d) [ 996.823784][ T1364] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000005) [ 996.833057][ T1364] exFAT-fs (loop4): Filesystem has been set read-only [ 996.852083][ T1366] bridge0: port 1(bridge_slave_0) entered blocking state [ 996.859153][ T1366] bridge0: port 1(bridge_slave_0) entered disabled state [ 996.866770][ T1366] device bridge_slave_0 entered promiscuous mode [ 996.871716][ T1353] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000005) [ 996.873632][ T1366] bridge0: port 2(bridge_slave_1) entered blocking state [ 996.888779][ T1366] bridge0: port 2(bridge_slave_1) entered disabled state [ 996.888793][ T1353] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000005) [ 996.895999][ T1366] device bridge_slave_1 entered promiscuous mode [ 996.979150][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 996.986392][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 996.994863][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 997.013045][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 997.021359][T27921] bridge0: port 1(bridge_slave_0) entered blocking state [ 997.028214][T27921] bridge0: port 1(bridge_slave_0) entered forwarding state [ 997.035780][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 997.054986][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 997.063270][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 997.071508][T19034] bridge0: port 2(bridge_slave_1) entered blocking state [ 997.078354][T19034] bridge0: port 2(bridge_slave_1) entered forwarding state [ 997.087431][ T8] device bridge_slave_1 left promiscuous mode [ 997.093339][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 997.100891][ T8] device bridge_slave_0 left promiscuous mode [ 997.107143][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 997.114865][ T8] device veth1_macvtap left promiscuous mode [ 997.120978][ T8] device veth0_vlan left promiscuous mode [ 997.238098][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 997.245824][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 997.260962][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 997.278198][ T1366] device veth0_vlan entered promiscuous mode [ 997.284967][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 997.292856][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 997.300457][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 997.321378][ T1366] device veth1_macvtap entered promiscuous mode [ 997.328912][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 997.361341][ T2128] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 997.370281][ T2128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 997.378806][ T2128] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 997.386972][ T2128] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 997.417404][ T1379] bridge0: port 1(bridge_slave_0) entered blocking state [ 997.428760][ T1379] bridge0: port 1(bridge_slave_0) entered disabled state [ 997.436345][ T1379] device bridge_slave_0 entered promiscuous mode [ 997.443545][ T1379] bridge0: port 2(bridge_slave_1) entered blocking state [ 997.450967][ T1379] bridge0: port 2(bridge_slave_1) entered disabled state [ 997.458183][ T1393] loop2: detected capacity change from 0 to 256 [ 997.458355][ T1379] device bridge_slave_1 entered promiscuous mode [ 997.535853][ T1379] bridge0: port 2(bridge_slave_1) entered blocking state [ 997.542729][ T1379] bridge0: port 2(bridge_slave_1) entered forwarding state [ 997.549771][ T1379] bridge0: port 1(bridge_slave_0) entered blocking state [ 997.556585][ T1379] bridge0: port 1(bridge_slave_0) entered forwarding state [ 997.582649][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 997.590273][T27921] bridge0: port 1(bridge_slave_0) entered disabled state [ 997.598254][T27921] bridge0: port 2(bridge_slave_1) entered disabled state [ 997.608401][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 997.616761][T19034] bridge0: port 1(bridge_slave_0) entered blocking state [ 997.623622][T19034] bridge0: port 1(bridge_slave_0) entered forwarding state [ 997.637204][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 997.645562][T27921] bridge0: port 2(bridge_slave_1) entered blocking state [ 997.652434][T27921] bridge0: port 2(bridge_slave_1) entered forwarding state [ 997.673830][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 997.682067][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 997.700647][ T2128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 997.710828][ T1379] device veth0_vlan entered promiscuous mode [ 997.717787][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 997.733568][ T2128] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 997.741281][ T2128] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 997.753589][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 997.765112][ T1379] device veth1_macvtap entered promiscuous mode [ 997.774198][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 997.783939][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 997.963340][ T1409] loop4: detected capacity change from 0 to 512 [ 997.988227][ T1409] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 997.997134][ T1409] ext4 filesystem being mounted at /root/syzkaller-testdir866422034/syzkaller.t7UYJK/1/file0 supports timestamps until 2038 (0x7fffffff) [ 998.040272][ T1379] EXT4-fs (loop4): unmounting filesystem. [ 998.139908][ T1420] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 998.207273][ T8] device bridge_slave_1 left promiscuous mode [ 998.213228][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 998.222050][ T8] device bridge_slave_0 left promiscuous mode [ 998.228202][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 998.240463][ T8] device bridge_slave_1 left promiscuous mode [ 998.246487][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 998.253889][ T8] device bridge_slave_0 left promiscuous mode [ 998.256388][ T307] usb 1-1: new high-speed USB device number 99 using dummy_hcd [ 998.260022][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 998.274837][ T8] device veth1_macvtap left promiscuous mode [ 998.280846][ T8] device veth0_vlan left promiscuous mode [ 998.389703][ T1429] loop2: detected capacity change from 0 to 512 [ 998.404839][ T1429] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 998.418543][ T1429] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #17: comm syz-executor.2: iget: bad i_size value: -6917529027641081756 [ 998.432417][ T1429] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz-executor.2: couldn't read orphan inode 17 (err -117) [ 998.444701][ T1429] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 998.462106][ T1429] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 65: padding at end of block bitmap is not set [ 998.463763][ T1433] loop4: detected capacity change from 0 to 2048 [ 998.477146][ T1429] __quota_error: 17 callbacks suppressed [ 998.477161][ T1429] Quota error (device loop2): write_blk: dquota write failed [ 998.497078][ T1429] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 998.498876][ T1433] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 998.521863][ T1433] ext4 filesystem being mounted at /root/syzkaller-testdir866422034/syzkaller.t7UYJK/4/bus supports timestamps until 2038 (0x7fffffff) [ 998.524123][ T1439] Quota error (device loop2): do_check_range: Getting block 144 out of range 0-5 [ 998.574449][ T1379] EXT4-fs (loop4): unmounting filesystem. [ 998.626272][ T307] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 998.637033][ T307] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 998.646576][ T307] usb 1-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 998.655395][ T307] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 998.663948][ T307] usb 1-1: config 0 descriptor?? [ 998.669559][ T1366] EXT4-fs (loop2): unmounting filesystem. [ 998.938516][ T1453] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 999.057632][ T1459] device syzkaller0 entered promiscuous mode [ 999.147429][ T307] hid-multitouch 0003:0EEF:72D0.00D3: hidraw0: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.0-1/input0 [ 999.352146][T19040] usb 1-1: USB disconnect, device number 99 [ 999.534935][ T1482] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 999.734968][ T1491] device syzkaller0 entered promiscuous mode [ 999.988095][ T1493] loop2: detected capacity change from 0 to 40427 [ 1000.006875][ T1493] F2FS-fs (loop2): Unrecognized mount option "nouser_xattr heap" or missing value [ 1000.406258][T27921] usb 3-1: new high-speed USB device number 80 using dummy_hcd [ 1000.431752][ T1511] netlink: 'syz-executor.4': attribute type 23 has an invalid length. [ 1000.440576][ T1511] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1000.450229][ T1511] bridge0: port 2(bridge_slave_1) entered disabled state [ 1000.457250][ T1511] bridge0: port 1(bridge_slave_0) entered disabled state [ 1000.464840][ T1511] device bridge0 entered promiscuous mode [ 1002.156223][T27921] usb 3-1: Using ep0 maxpacket: 16 [ 1002.189368][ T1516] loop0: detected capacity change from 0 to 2048 [ 1002.207299][ T1516] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1002.215672][ T1516] ext4 filesystem being mounted at /root/syzkaller-testdir642299425/syzkaller.sLnZSr/58/bus supports timestamps until 2038 (0x7fffffff) [ 1002.257021][ T525] EXT4-fs (loop0): unmounting filesystem. [ 1002.306291][T27921] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1002.317220][T27921] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1002.326950][T27921] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 1002.335747][T27921] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1002.344598][T27921] usb 3-1: config 0 descriptor?? [ 1002.724507][ T1538] device syzkaller0 entered promiscuous mode [ 1002.827120][T27921] kovaplus 0003:1E7D:2D50.00D4: nested delimiters [ 1002.833397][T27921] kovaplus 0003:1E7D:2D50.00D4: item 0 1 2 10 parsing failed [ 1002.840842][T27921] kovaplus 0003:1E7D:2D50.00D4: parse failed [ 1002.846880][T27921] kovaplus: probe of 0003:1E7D:2D50.00D4 failed with error -22 [ 1002.866232][T19042] usb 2-1: new high-speed USB device number 111 using dummy_hcd [ 1002.942138][ T1542] netlink: 'syz-executor.4': attribute type 23 has an invalid length. [ 1002.950186][ T1542] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1003.029546][T19034] usb 3-1: USB disconnect, device number 80 [ 1003.076523][ T1546] device veth0_vlan left promiscuous mode [ 1003.082554][ T1546] device veth0_vlan entered promiscuous mode [ 1003.144661][ T1548] bridge0: port 3(veth1_macvtap) entered blocking state [ 1003.151489][ T1548] bridge0: port 3(veth1_macvtap) entered disabled state [ 1003.226287][T19042] usb 2-1: config 0 has no interfaces? [ 1003.231723][T19042] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1003.240684][T19042] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1003.248883][T19042] usb 2-1: config 0 descriptor?? [ 1003.430107][ T1556] syz-executor.4[1556] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1003.430186][ T1556] syz-executor.4[1556] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1003.488562][ T1532] loop1: detected capacity change from 0 to 256 [ 1003.512915][ T1532] exfat: Bad value for 'uid' [ 1003.571455][T19034] usb 2-1: USB disconnect, device number 111 [ 1003.685478][ T28] audit: type=1326 audit(2000000325.829:65684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1563 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff72dc7cee9 code=0x7ffc0000 [ 1003.711110][ T28] audit: type=1326 audit(2000000325.859:65685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1563 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff72dc7cee9 code=0x7ffc0000 [ 1003.735813][ T28] audit: type=1326 audit(2000000325.859:65686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1563 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff72dc7cee9 code=0x7ffc0000 [ 1003.745134][ T1567] device ip6_vti0 entered promiscuous mode [ 1003.761017][ T28] audit: type=1326 audit(2000000325.859:65687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1563 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7ff72dc7cee9 code=0x7ffc0000 [ 1003.790359][ T28] audit: type=1326 audit(2000000325.949:65688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1563 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff72dc7cee9 code=0x7ffc0000 [ 1003.792231][ T1567] device vlan2 entered promiscuous mode [ 1003.817248][ T28] audit: type=1326 audit(2000000325.949:65689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1563 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff72dc7cee9 code=0x7ffc0000 [ 1003.844777][ T1567] device ip6_vti0 left promiscuous mode [ 1004.085926][ T1575] bridge0: port 3(veth1_macvtap) entered blocking state [ 1004.092868][ T1575] bridge0: port 3(veth1_macvtap) entered disabled state [ 1004.216240][T19034] usb 5-1: new high-speed USB device number 89 using dummy_hcd [ 1004.244976][ T1579] device bridge0 entered promiscuous mode [ 1004.505372][ T1564] loop0: detected capacity change from 0 to 262144 [ 1004.521205][ T1564] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1004.548729][ T1564] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1004.586214][T19042] usb 3-1: new high-speed USB device number 81 using dummy_hcd [ 1004.586255][T19034] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1004.604351][T19034] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1004.613921][T19034] usb 5-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 1004.622779][T19034] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1004.631537][T19034] usb 5-1: config 0 descriptor?? [ 1004.740147][ T1593] device veth0_vlan left promiscuous mode [ 1004.746047][ T1593] device veth0_vlan entered promiscuous mode [ 1004.825906][ T1595] EXT4-fs warning (device sda1): ext4_group_extend:1877: need to use ext2online to resize further [ 1004.856258][T19042] usb 3-1: Using ep0 maxpacket: 16 [ 1004.976272][T19042] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 1005.117879][T19034] hid-multitouch 0003:0EEF:72D0.00D5: hidraw0: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.4-1/input0 [ 1005.156266][T19042] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 1005.165202][T19042] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1005.173021][T19042] usb 3-1: Product: syz [ 1005.177093][T19042] usb 3-1: Manufacturer: syz [ 1005.181589][T19042] usb 3-1: SerialNumber: syz [ 1005.188146][T19042] usb 3-1: config 0 descriptor?? [ 1005.226191][ T307] usb 2-1: new high-speed USB device number 112 using dummy_hcd [ 1005.236807][T19042] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 1005.244344][T19042] usb 3-1: Detected FT232R [ 1005.326912][T11750] usb 5-1: USB disconnect, device number 89 [ 1005.456249][T19042] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 1005.466193][ T307] usb 2-1: Using ep0 maxpacket: 8 [ 1005.586263][ T307] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1005.717272][T19042] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1005.756267][ T307] usb 2-1: New USB device found, idVendor=056a, idProduct=00d1, bcdDevice= 0.40 [ 1005.765112][ T307] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1005.772951][ T307] usb 2-1: Product: syz [ 1005.776937][ T307] usb 2-1: Manufacturer: syz [ 1005.781474][ T307] usb 2-1: SerialNumber: syz [ 1005.826775][ T307] usbhid 2-1:1.0: couldn't find an input interrupt endpoint [ 1005.917909][T27921] usb 3-1: USB disconnect, device number 81 [ 1005.924413][T27921] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1005.933889][T27921] ftdi_sio 3-1:0.0: device disconnected [ 1006.081856][ T1608] device ip6_vti0 entered promiscuous mode [ 1006.087588][ T1608] device vlan2 entered promiscuous mode [ 1006.093518][ T1608] device ip6_vti0 left promiscuous mode [ 1006.230087][ T1600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1006.238432][ T1600] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1006.246608][T11750] usb 2-1: USB disconnect, device number 112 [ 1006.342242][ T1611] overlayfs: failed to resolve './file0': -2 [ 1006.534365][ T1618] loop0: detected capacity change from 0 to 256 [ 1006.550444][ T1618] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1006.716118][ T1620] overlayfs: failed to resolve './file0': -2 [ 1006.929303][ T1635] loop4: detected capacity change from 0 to 512 [ 1006.939438][ T1635] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 1006.949046][ T1635] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #15: comm syz-executor.4: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 1006.967349][ T1635] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 1006.979610][ T1635] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1006.987990][ T1635] ext2 filesystem being mounted at /root/syzkaller-testdir866422034/syzkaller.t7UYJK/40/file0 supports timestamps until 2038 (0x7fffffff) [ 1007.027666][ T1379] EXT4-fs (loop4): unmounting filesystem. [ 1007.187665][T11750] usb 3-1: new high-speed USB device number 82 using dummy_hcd [ 1007.371049][ T1650] serio: Serial port pts0 [ 1007.495992][ T1653] device wg2 entered promiscuous mode [ 1007.496660][T19034] usb 2-1: new high-speed USB device number 113 using dummy_hcd [ 1007.546295][T11750] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1007.557809][T11750] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1007.567463][T11750] usb 3-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 1007.576573][T11750] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1007.585842][T11750] usb 3-1: config 0 descriptor?? [ 1007.756256][T19034] usb 2-1: Using ep0 maxpacket: 16 [ 1007.876311][T19034] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 1007.988645][ T1668] loop4: detected capacity change from 0 to 256 [ 1008.006302][ T1668] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1008.036282][T19034] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 1008.045225][T19034] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1008.053355][T19034] usb 2-1: Product: syz [ 1008.057517][T19034] usb 2-1: Manufacturer: syz [ 1008.062025][T19034] usb 2-1: SerialNumber: syz [ 1008.068808][T11750] hid-multitouch 0003:0EEF:72D0.00D6: hidraw0: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.2-1/input0 [ 1008.081405][T19034] usb 2-1: config 0 descriptor?? [ 1008.126775][T19034] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 1008.134332][T19034] usb 2-1: Detected FT232R [ 1008.162740][ T1670] loop0: detected capacity change from 0 to 40427 [ 1008.172443][ T1670] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1008.180033][ T1670] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1008.188586][ T1670] F2FS-fs (loop0): invalid crc value [ 1008.194983][ T1670] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1008.223359][ T1670] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1008.230426][ T1670] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1008.270558][T19040] usb 3-1: USB disconnect, device number 82 [ 1008.336351][T19034] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 1008.537788][ T1683] overlayfs: missing 'lowerdir' [ 1008.646630][ T1685] device wg2 left promiscuous mode [ 1008.647141][T19034] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1008.663033][ T1685] device wg2 entered promiscuous mode [ 1008.856162][T27921] usb 2-1: USB disconnect, device number 113 [ 1008.863158][T27921] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1008.887497][T27921] ftdi_sio 2-1:0.0: device disconnected [ 1008.915759][ T353] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1008.924865][ T353] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 1009.030298][ T1690] overlayfs: missing 'lowerdir' [ 1009.977826][ T1726] serio: Serial port pts0 [ 1010.240039][ T28] audit: type=1326 audit(2000000332.389:65690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1732 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff72dc7cee9 code=0x7fc00000 [ 1010.287101][ T28] audit: type=1326 audit(2000000332.389:65691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1732 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff72dc7cee9 code=0x7fc00000 [ 1010.337010][ T28] audit: type=1326 audit(2000000332.389:65692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1732 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff72dc7cee9 code=0x7fc00000 [ 1010.606189][T19042] usb 3-1: new high-speed USB device number 83 using dummy_hcd [ 1010.716702][ T1710] loop0: detected capacity change from 0 to 262144 [ 1010.735312][ T1710] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1010.760462][ T1710] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1010.856260][T19042] usb 3-1: Using ep0 maxpacket: 16 [ 1010.996268][T19042] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 1011.166336][T19042] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 1011.179986][T19042] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1011.197205][T19042] usb 3-1: Product: syz [ 1011.205691][T19042] usb 3-1: Manufacturer: syz [ 1011.215084][T19042] usb 3-1: SerialNumber: syz [ 1011.221049][T19042] usb 3-1: config 0 descriptor?? [ 1011.223156][ T1769] loop1: detected capacity change from 0 to 40427 [ 1011.239005][ T1769] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1011.246709][ T1769] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1011.257073][ T1769] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1011.266810][T19042] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 1011.274975][T19042] usb 3-1: Detected FT232R [ 1011.285964][ T1769] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1011.297437][ T1769] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1011.304327][ T1769] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1011.449585][ T1782] overlayfs: failed to resolve './file0': -2 [ 1011.476258][T19042] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 1011.597926][ T1787] serio: Serial port pts0 [ 1011.737425][T19042] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1011.941239][T19034] usb 3-1: USB disconnect, device number 83 [ 1011.948325][T19034] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1011.961662][T19034] ftdi_sio 3-1:0.0: device disconnected [ 1012.110670][ T1796] loop4: detected capacity change from 0 to 256 [ 1012.125662][ T1796] exfat: Deprecated parameter 'utf8' [ 1012.133156][ T1796] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xcc9b7de9, utbl_chksum : 0xe619d30d) [ 1012.165214][ T28] audit: type=1326 audit(2000000334.309:65693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe818e7a667 code=0x7fc00000 [ 1012.225122][ T28] audit: type=1326 audit(2000000334.369:65694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe818e7a667 code=0x7fc00000 [ 1012.285159][ T28] audit: type=1326 audit(2000000334.429:65695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe818e7a667 code=0x7fc00000 [ 1012.345115][ T28] audit: type=1326 audit(2000000334.489:65696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe818e7a667 code=0x7fc00000 [ 1012.405128][ T28] audit: type=1326 audit(2000000334.549:65697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe818e7a667 code=0x7fc00000 [ 1012.465094][ T28] audit: type=1326 audit(2000000334.609:65698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe818e7a667 code=0x7fc00000 [ 1012.525116][ T28] audit: type=1326 audit(2000000334.669:65699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1793 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe818e7a667 code=0x7fc00000 [ 1012.556190][T19042] usb 2-1: new high-speed USB device number 114 using dummy_hcd [ 1012.688350][ T1811] input: syz0 as /devices/virtual/input/input161 [ 1012.826199][T19042] usb 2-1: Using ep0 maxpacket: 32 [ 1013.086861][ T1814] loop2: detected capacity change from 0 to 40427 [ 1013.099468][ T1814] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1013.107237][ T1814] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1013.117326][ T1814] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1013.146270][T19042] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 1013.146353][ T1814] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1013.155504][T19042] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1013.162015][ T1814] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1013.177377][T19042] usb 2-1: Product: syz [ 1013.181582][T19042] usb 2-1: Manufacturer: syz [ 1013.186942][T19042] usb 2-1: SerialNumber: syz [ 1013.191853][T19042] usb 2-1: config 0 descriptor?? [ 1013.768108][ T1841] input: syz0 as /devices/virtual/input/input162 [ 1013.908102][T19042] rtl8150 2-1:0.0: eth1: rtl8150 is detected [ 1014.109443][T27921] usb 2-1: USB disconnect, device number 114 [ 1014.526225][ T307] usb 3-1: new high-speed USB device number 84 using dummy_hcd [ 1014.766249][ T307] usb 3-1: Using ep0 maxpacket: 32 [ 1015.003180][ T1879] loop4: detected capacity change from 0 to 256 [ 1015.046259][ T307] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 1015.055130][ T307] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1015.062981][ T307] usb 3-1: Product: syz [ 1015.067127][ T307] usb 3-1: Manufacturer: syz [ 1015.071618][ T307] usb 3-1: SerialNumber: syz [ 1015.077393][ T307] usb 3-1: config 0 descriptor?? [ 1015.082595][ T1880] bridge0: port 1(bridge_slave_0) entered blocking state [ 1015.089727][ T1880] bridge0: port 1(bridge_slave_0) entered disabled state [ 1015.096949][ T1880] device bridge_slave_0 entered promiscuous mode [ 1015.105772][ T1880] bridge0: port 2(bridge_slave_1) entered blocking state [ 1015.112719][ T1880] bridge0: port 2(bridge_slave_1) entered disabled state [ 1015.120074][ T1880] device bridge_slave_1 entered promiscuous mode [ 1015.170456][ T1880] bridge0: port 2(bridge_slave_1) entered blocking state [ 1015.177317][ T1880] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1015.184374][ T1880] bridge0: port 1(bridge_slave_0) entered blocking state [ 1015.191199][ T1880] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1015.213181][T19040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1015.221088][T19040] bridge0: port 1(bridge_slave_0) entered disabled state [ 1015.228555][T19040] bridge0: port 2(bridge_slave_1) entered disabled state [ 1015.247665][T19040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1015.255595][T19040] bridge0: port 1(bridge_slave_0) entered blocking state [ 1015.262455][T19040] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1015.270175][T19040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1015.278292][T19040] bridge0: port 2(bridge_slave_1) entered blocking state [ 1015.285119][T19040] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1015.292490][T19040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1015.303309][T19040] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1015.315977][T27921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1015.330683][T19042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1015.338912][T19042] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1015.346297][T19042] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1015.355524][ T1880] device veth0_vlan entered promiscuous mode [ 1015.368265][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1015.378850][ T1880] device veth1_macvtap entered promiscuous mode [ 1015.389979][T19034] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1015.399780][T30674] device bridge_slave_1 left promiscuous mode [ 1015.405847][T30674] bridge0: port 2(bridge_slave_1) entered disabled state [ 1015.413792][T30674] device bridge_slave_0 left promiscuous mode [ 1015.420124][T30674] bridge0: port 1(bridge_slave_0) entered disabled state [ 1015.428990][T30674] device veth1_macvtap left promiscuous mode [ 1015.435039][T30674] device veth0_vlan left promiscuous mode [ 1015.542545][T19040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1015.605718][ T1898] overlayfs: failed to resolve './file0': -2 [ 1015.729239][ T1906] netlink: 23 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1016.375486][ T1934] 9pnet_fd: Insufficient options for proto=fd [ 1016.500840][ T1943] loop0: detected capacity change from 0 to 256 [ 1017.185520][ T1980] 9pnet_fd: Insufficient options for proto=fd [ 1017.207742][ T1984] loop1: detected capacity change from 0 to 256 [ 1017.447076][ T1998] loop1: detected capacity change from 0 to 512 [ 1017.461542][ T1998] EXT4-fs error (device loop1): __ext4_fill_super:5386: inode #2: comm syz-executor.1: iget: special inode unallocated [ 1017.474094][ T1998] EXT4-fs (loop1): get root inode failed [ 1017.479753][ T1998] EXT4-fs (loop1): mount failed [ 1017.516234][ T307] rtl8150 3-1:0.0: couldn't reset the device [ 1017.522218][ T307] rtl8150: probe of 3-1:0.0 failed with error -5 [ 1017.533966][ T1998] loop1: detected capacity change from 0 to 256 [ 1017.540861][ T307] usb 3-1: USB disconnect, device number 84 [ 1017.547445][ T1998] exFAT-fs (loop1): invalid boot record signature [ 1017.554230][ T1998] exFAT-fs (loop1): failed to read boot sector [ 1017.560337][ T1998] exFAT-fs (loop1): failed to recognize exfat type [ 1017.896201][ T307] usb 3-1: new high-speed USB device number 85 using dummy_hcd [ 1018.266270][ T307] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1018.277541][ T307] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1018.290120][ T2013] loop0: detected capacity change from 0 to 512 [ 1018.296556][ T307] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1018.305860][ T307] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1018.314833][ T307] usb 3-1: config 0 descriptor?? [ 1018.320315][ T2013] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 1018.330421][ T2013] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 1018.340618][ T2013] EXT4-fs (loop0): 1 truncate cleaned up [ 1018.346069][ T2013] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1018.355109][ T2013] fscrypt (loop0, inode 2): Error -61 getting encryption context [ 1018.364480][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 1018.364497][ T28] audit: type=1326 audit(2000000340.519:65708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2012 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe818e7cee9 code=0x7ffc0000 [ 1018.394515][ T28] audit: type=1326 audit(2000000340.519:65709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2012 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe818e7cee9 code=0x7ffc0000 [ 1018.418439][ T28] audit: type=1326 audit(2000000340.519:65710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2012 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe818e7cee9 code=0x7ffc0000 [ 1018.442446][ T28] audit: type=1326 audit(2000000340.519:65711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2012 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fe818e7cee9 code=0x7ffc0000 [ 1018.466303][ T28] audit: type=1326 audit(2000000340.519:65712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2012 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe818e7cee9 code=0x7ffc0000 [ 1018.511330][ T525] EXT4-fs (loop0): unmounting filesystem. [ 1018.621087][ T2018] EXT4-fs warning (device sda1): ext4_group_extend:1869: can't shrink FS - resize aborted [ 1019.158087][ T2040] netlink: 23 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1019.486281][ T307] uclogic 0003:256C:006D.00D7: interface is invalid, ignoring [ 1019.575659][ T2050] loop0: detected capacity change from 0 to 512 [ 1019.592002][ T2050] EXT4-fs error (device loop0): __ext4_fill_super:5386: inode #2: comm syz-executor.0: iget: special inode unallocated [ 1019.604687][ T2050] EXT4-fs (loop0): get root inode failed [ 1019.610437][ T2050] EXT4-fs (loop0): mount failed [ 1019.661323][ T2050] loop0: detected capacity change from 0 to 256 [ 1019.668768][ T2050] exFAT-fs (loop0): invalid boot record signature [ 1019.675127][ T2050] exFAT-fs (loop0): failed to read boot sector [ 1019.681286][ T2050] exFAT-fs (loop0): failed to recognize exfat type [ 1019.691637][ T307] usb 3-1: USB disconnect, device number 85 [ 1019.957548][ T2059] 9pnet_fd: Insufficient options for proto=fd [ 1020.161555][ T2065] loop1: detected capacity change from 0 to 512 [ 1020.175033][ T2065] EXT4-fs error (device loop1): __ext4_fill_super:5386: inode #2: comm syz-executor.1: iget: special inode unallocated [ 1020.187592][ T2065] EXT4-fs (loop1): get root inode failed [ 1020.193155][ T2065] EXT4-fs (loop1): mount failed [ 1020.241166][ T2065] loop1: detected capacity change from 0 to 256 [ 1020.247617][ T2065] exFAT-fs (loop1): invalid boot record signature [ 1020.254416][ T2065] exFAT-fs (loop1): failed to read boot sector [ 1020.260451][ T2065] exFAT-fs (loop1): failed to recognize exfat type [ 1020.556230][ T60] usb 3-1: new high-speed USB device number 86 using dummy_hcd [ 1020.661884][ T2080] loop3: detected capacity change from 0 to 512 [ 1020.700753][ T2080] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1020.709722][ T2080] ext4 filesystem being mounted at /root/syzkaller-testdir1821299856/syzkaller.NgJcwF/23/file0 supports timestamps until 2038 (0x7fffffff) [ 1020.728298][ T2080] EXT4-fs: Cannot change journaled quota options when quota turned on [ 1020.758511][ T1880] EXT4-fs (loop3): unmounting filesystem. [ 1020.936480][ T60] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 1020.947789][ T60] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 1020.959057][ T60] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 1020.971109][ T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1020.996289][ T2068] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1021.161962][ T2095] syz-executor.3[2095] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1021.162012][ T2095] syz-executor.3[2095] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1021.179776][ T2096] loop1: detected capacity change from 0 to 512 [ 1021.199130][ T2096] EXT4-fs warning (device loop1): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 1021.209116][ T2096] EXT4-fs warning (device loop1): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 1021.219305][ T2096] EXT4-fs (loop1): 1 truncate cleaned up [ 1021.224830][ T2096] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1021.234795][ T2096] fscrypt (loop1, inode 2): Error -61 getting encryption context [ 1021.243276][ T28] audit: type=1326 audit(2000000343.389:65713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2094 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d67e7cee9 code=0x7ffc0000 [ 1021.267263][ T28] audit: type=1326 audit(2000000343.389:65714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2094 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d67e7cee9 code=0x7ffc0000 [ 1021.291139][ T28] audit: type=1326 audit(2000000343.389:65715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2094 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d67e7cee9 code=0x7ffc0000 [ 1021.315004][ T28] audit: type=1326 audit(2000000343.389:65716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2094 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d67e7cee9 code=0x7ffc0000 [ 1021.338949][ T28] audit: type=1326 audit(2000000343.389:65717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2094 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f5d67e7cee9 code=0x7ffc0000 [ 1021.339547][T30415] EXT4-fs (loop1): unmounting filesystem. [ 1021.370531][ T2099] bridge0: port 3(vlan2) entered blocking state [ 1021.376610][ T2099] bridge0: port 3(vlan2) entered disabled state [ 1021.500736][ T2105] loop3: detected capacity change from 0 to 512 [ 1021.514826][ T2105] EXT4-fs error (device loop3): __ext4_fill_super:5386: inode #2: comm syz-executor.3: iget: special inode unallocated [ 1021.527346][ T2105] EXT4-fs (loop3): get root inode failed [ 1021.533479][ T2105] EXT4-fs (loop3): mount failed [ 1021.539881][ T2101] kvm_set_msr_common: 93 callbacks suppressed [ 1021.539892][ T2101] kvm [2100]: vcpu0, guest rIP: 0x20e disabled perfctr wrmsr: 0xc1 data 0x800 [ 1021.554699][ T2101] kvm [2100]: vcpu0, guest rIP: 0x20e disabled perfctr wrmsr: 0xc2 data 0x800 [ 1021.566961][ T2101] kvm [2100]: vcpu0, guest rIP: 0x20e ignored wrmsr: 0x11e data 0x800 [ 1021.581357][ T2101] kvm [2100]: vcpu0, guest rIP: 0x20e disabled perfctr wrmsr: 0x186 data 0x800 [ 1021.581518][ T2105] loop3: detected capacity change from 0 to 256 [ 1021.590593][ T2101] kvm [2100]: vcpu0, guest rIP: 0x20e disabled perfctr wrmsr: 0x187 data 0x800 [ 1021.596985][ T2105] exFAT-fs (loop3): invalid boot record signature [ 1021.611386][ T2105] exFAT-fs (loop3): failed to read boot sector [ 1021.617879][ T2105] exFAT-fs (loop3): failed to recognize exfat type [ 1022.689230][ T2131] syz-executor.1[2131] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1022.689306][ T2131] syz-executor.1[2131] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1022.893259][ T2141] blk_print_req_error: 246 callbacks suppressed [ 1022.893279][ T2141] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1022.920315][ T2141] FAT-fs (loop1): unable to read boot sector [ 1023.033181][ T2148] loop0: detected capacity change from 0 to 512 [ 1023.051742][ T2148] EXT4-fs error (device loop0): __ext4_fill_super:5386: inode #2: comm syz-executor.0: iget: special inode unallocated [ 1023.064194][ T2148] EXT4-fs (loop0): get root inode failed [ 1023.069668][ T2148] EXT4-fs (loop0): mount failed [ 1023.092750][ T2142] kvm [2139]: vcpu0, guest rIP: 0x20e disabled perfctr wrmsr: 0xc1 data 0x800 [ 1023.101626][ T2142] kvm [2139]: vcpu0, guest rIP: 0x20e disabled perfctr wrmsr: 0xc2 data 0x800 [ 1023.114537][ T2142] kvm [2139]: vcpu0, guest rIP: 0x20e ignored wrmsr: 0x11e data 0x800 [ 1023.115479][ T2148] loop0: detected capacity change from 0 to 256 [ 1023.127056][ T2142] kvm [2139]: vcpu0, guest rIP: 0x20e disabled perfctr wrmsr: 0x186 data 0x800 [ 1023.129194][ T2148] exFAT-fs (loop0): invalid boot record signature [ 1023.137618][ T2142] kvm [2139]: vcpu0, guest rIP: 0x20e disabled perfctr wrmsr: 0x187 data 0x800 [ 1023.143660][ T2148] exFAT-fs (loop0): failed to read boot sector [ 1023.158442][ T2148] exFAT-fs (loop0): failed to recognize exfat type [ 1023.266254][ T60] aiptek 3-1:17.0: Aiptek using 400 ms programming speed [ 1023.275075][ T60] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input163 [ 1023.285859][ T60] usb 3-1: USB disconnect, device number 86 [ 1024.241661][ T2175] loop0: detected capacity change from 0 to 8192 [ 1024.529153][ T2194] syz-executor.3[2194] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1024.529231][ T2194] syz-executor.3[2194] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1024.562362][ T2194] SELinux: security_context_str_to_sid (s) failed with errno=-22 [ 1024.622685][ T2188] kvm [2185]: vcpu0, guest rIP: 0x20e disabled perfctr wrmsr: 0xc1 data 0x800 [ 1024.631797][ T2188] kvm [2185]: vcpu0, guest rIP: 0x20e disabled perfctr wrmsr: 0xc2 data 0x800 [ 1024.643971][ T2188] kvm [2185]: vcpu0, guest rIP: 0x20e ignored wrmsr: 0x11e data 0x800 [ 1024.736246][T19034] usb 2-1: new high-speed USB device number 115 using dummy_hcd [ 1024.744456][ T2199] syz-executor.2[2199] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1024.744540][ T2199] syz-executor.2[2199] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1024.777290][ T2200] incfs_lookup_dentry err:-22 [ 1024.793607][ T2200] incfs: Can't find or create .index dir in ./file0 [ 1024.800751][ T2200] incfs: mount failed -22 [ 1025.096660][ T2209] loop3: detected capacity change from 0 to 8192 [ 1025.116272][T19034] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1025.127059][T19034] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1025.156162][T19034] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1025.168963][T19034] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1025.181160][T19034] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1025.196377][T19034] usb 2-1: config 0 descriptor?? [ 1025.310542][ T2208] loop2: detected capacity change from 0 to 40427 [ 1025.325361][ T2208] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1025.332968][ T2208] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1025.341701][ T2208] F2FS-fs (loop2): invalid crc value [ 1025.348101][ T2208] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1025.372061][ T2208] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1025.378993][ T2208] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1025.536274][T19042] usb 4-1: new high-speed USB device number 91 using dummy_hcd [ 1025.730263][T19034] plantronics 0003:047F:FFFF.00D8: unknown main item tag 0x0 [ 1025.737567][T19034] plantronics 0003:047F:FFFF.00D8: unknown main item tag 0x0 [ 1025.744856][T19034] plantronics 0003:047F:FFFF.00D8: No inputs registered, leaving [ 1025.754794][T19034] plantronics 0003:047F:FFFF.00D8: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 1025.893208][ T353] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1025.903011][ T353] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 1025.957204][T19034] usb 2-1: USB disconnect, device number 115 [ 1025.976784][T19042] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1025.988175][T19042] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1025.997817][T19042] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1026.006777][T19042] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1026.015166][T19042] usb 4-1: config 0 descriptor?? [ 1026.409604][T30674] Bluetooth: hci0: Frame reassembly failed (-84) [ 1026.480631][ T2242] loop0: detected capacity change from 0 to 8192 [ 1026.856196][T19040] usb 2-1: new high-speed USB device number 116 using dummy_hcd [ 1027.216333][T19042] uclogic 0003:256C:006D.00D9: interface is invalid, ignoring [ 1027.216356][T19040] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1027.234408][T19040] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1027.243965][T19040] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1027.252905][T19040] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1027.262322][T19040] usb 2-1: config 0 descriptor?? [ 1027.420305][T19042] usb 4-1: USB disconnect, device number 91 [ 1027.776787][ T2250] loop0: detected capacity change from 0 to 131072 [ 1027.790076][ T2250] F2FS-fs (loop0): invalid crc value [ 1027.796755][ T2250] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1027.820716][ T2250] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 1027.835881][ T2250] F2FS-fs (loop0): sanity_check_inode: corrupted inode footer i_ino=7, ino,nid: [2097159, 7] run fsck to fix. [ 1028.169050][ T2265] loop0: detected capacity change from 0 to 512 [ 1028.188449][ T2265] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1028.197517][ T2265] ext4 filesystem being mounted at /root/syzkaller-testdir642299425/syzkaller.sLnZSr/116/bus supports timestamps until 2038 (0x7fffffff) [ 1028.238223][ T525] EXT4-fs (loop0): unmounting filesystem. [ 1028.352504][ T2275] incfs: Can't find or create .index dir in ./file0 [ 1028.359004][ T2275] incfs: mount failed -126 [ 1028.363704][ T2275] incfs_lookup_dentry err:-13 [ 1028.368246][ T2275] incfs: Can't find or create .index dir in ./file0 [ 1028.374630][ T2275] incfs: mount failed -13 [ 1028.456578][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1028.456710][T16089] Bluetooth: hci0: command 0x1003 tx timeout [ 1028.626252][T19040] uclogic 0003:256C:006D.00DA: failed retrieving string descriptor #100: -71 [ 1028.634866][T19040] uclogic 0003:256C:006D.00DA: failed retrieving pen parameters: -71 [ 1028.642901][T19040] uclogic 0003:256C:006D.00DA: failed probing pen v1 parameters: -71 [ 1028.650843][T19040] uclogic 0003:256C:006D.00DA: failed probing parameters: -71 [ 1028.658133][T19040] uclogic: probe of 0003:256C:006D.00DA failed with error -71 [ 1028.666341][T19040] usb 2-1: USB disconnect, device number 116 [ 1028.953389][ T2301] loop2: detected capacity change from 0 to 256 [ 1029.057902][ T2305] loop0: detected capacity change from 0 to 256 [ 1029.201416][ T2306] loop2: detected capacity change from 0 to 40427 [ 1029.219621][ T2306] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1029.236150][ T2306] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1029.287001][ T2306] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1029.346199][ T2306] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1029.368271][ T2306] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1029.375175][ T2306] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1029.392099][ T2308] loop0: detected capacity change from 0 to 40427 [ 1029.411494][ T2308] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1029.421325][ T2308] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1029.452977][ T2308] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1029.511886][ T2308] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1029.546470][ T2308] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1029.553479][ T2308] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1029.728597][ T2324] overlayfs: failed to resolve './file0': -2 [ 1029.778201][ T2320] loop3: detected capacity change from 0 to 40427 [ 1029.796407][ T2320] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1029.807300][ T2320] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1029.842490][ T2320] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1029.879575][ T2320] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1029.953363][ T2331] overlayfs: failed to resolve './file0': -2 [ 1030.055899][ T2320] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1030.075878][ T2320] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1030.314838][ T2334] overlayfs: failed to resolve './file0': -2 [ 1030.365703][ T2336] loop2: detected capacity change from 0 to 512 [ 1030.384560][ T2336] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 1030.394107][ T2336] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1030.400746][ T2336] EXT4-fs warning (device loop2): ext4_enable_quotas:6987: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 1030.416361][ T2336] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 1030.423133][ T2336] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz-executor.2: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 1030.441651][ T2336] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz-executor.2: couldn't read orphan inode 13 (err -117) [ 1030.454645][ T2336] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1030.467084][ T2336] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 1030.476501][ T2336] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 1030.487321][ T2336] EXT4-fs warning (device loop2): ext4_enable_quotas:6987: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 1030.503435][ T2336] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 1030.512665][ T2336] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 1030.536526][ T2336] EXT4-fs warning (device loop2): ext4_enable_quotas:6987: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 1030.650098][ T1366] EXT4-fs (loop2): unmounting filesystem. [ 1030.726197][ T307] usb 1-1: new high-speed USB device number 100 using dummy_hcd [ 1030.966247][ T307] usb 1-1: Using ep0 maxpacket: 16 [ 1031.004241][ T2359] loop2: detected capacity change from 0 to 512 [ 1031.032931][ T2359] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1031.044772][ T2359] EXT4-fs (loop2): 1 truncate cleaned up [ 1031.050415][ T2359] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1031.086245][ T307] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1031.097073][ T307] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1031.100046][ T2355] loop3: detected capacity change from 0 to 40427 [ 1031.110513][ T307] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1031.124829][ T307] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1031.126712][ T2355] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1031.133332][ T307] usb 1-1: config 0 descriptor?? [ 1031.141233][ T1366] EXT4-fs (loop2): unmounting filesystem. [ 1031.145058][ T2355] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1031.159293][ T2355] F2FS-fs (loop3): invalid crc value [ 1031.165876][ T2355] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1031.192859][ T2355] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1031.199745][ T2355] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1031.637262][ T307] HID 045e:07da: Invalid code 65791 type 1 [ 1031.644555][ T307] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.00DB/input/input164 [ 1031.655859][T19040] usb 3-1: new high-speed USB device number 87 using dummy_hcd [ 1031.663905][ T307] microsoft 0003:045E:07DA.00DB: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 1031.819800][ T353] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1031.828981][ T353] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 1031.896281][T19040] usb 3-1: Using ep0 maxpacket: 32 [ 1032.036243][ T2373] loop3: detected capacity change from 0 to 40427 [ 1032.049940][ T2373] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1032.057573][ T2373] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1032.067659][ T2373] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1032.089130][ T2373] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1032.100439][ T2373] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1032.107350][ T2373] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1032.116200][T19042] usb 2-1: new high-speed USB device number 117 using dummy_hcd [ 1032.176215][T19040] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=e2.de [ 1032.185094][T19040] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1032.192967][T19040] usb 3-1: Product: syz [ 1032.196899][T19040] usb 3-1: Manufacturer: syz [ 1032.201312][T19040] usb 3-1: SerialNumber: syz [ 1032.206273][T19040] usb 3-1: config 0 descriptor?? [ 1032.277801][ T2379] overlayfs: failed to resolve './file0': -2 [ 1032.526239][T19042] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1032.536282][T19042] usb 2-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x94, skipping [ 1032.546653][T19042] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1032.686253][T19040] CoreChips: probe of 3-1:0.0 failed with error -71 [ 1032.693179][T19040] usb 3-1: USB disconnect, device number 87 [ 1032.756265][T19042] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1032.765174][T19042] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1032.774831][T19042] usb 2-1: Product: syz [ 1032.778841][T19042] usb 2-1: Manufacturer: syz [ 1032.796150][T19042] usb 2-1: SerialNumber: syz [ 1033.382218][ T2386] loop2: detected capacity change from 0 to 40427 [ 1033.394536][ T2386] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1033.397467][ T307] usb 1-1: USB disconnect, device number 100 [ 1033.402191][ T2386] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1033.433149][ T2386] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1033.480805][ T2395] netlink: 312 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1033.502791][ T2395] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1033.544915][ T2386] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1033.660112][ T2397] loop0: detected capacity change from 0 to 256 [ 1033.669110][ T2386] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1033.676015][ T2386] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1033.858211][ T2403] overlayfs: failed to resolve './file0': -2 [ 1033.966257][T19042] cdc_ncm 2-1:1.0: bind() failure [ 1033.986233][T19042] cdc_ncm: probe of 2-1:1.1 failed with error -71 [ 1034.006214][T19042] cdc_mbim: probe of 2-1:1.1 failed with error -71 [ 1034.013117][T19042] usb 2-1: USB disconnect, device number 117 [ 1034.659802][ T2417] loop2: detected capacity change from 0 to 40427 [ 1034.673996][ T2417] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1034.681852][ T2417] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1034.691958][ T2417] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1034.715959][ T2417] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1034.727778][ T2417] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1034.734748][ T2417] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1034.856231][T19042] usb 2-1: new high-speed USB device number 118 using dummy_hcd [ 1034.904924][ T2429] loop0: detected capacity change from 0 to 40427 [ 1034.925086][ T2431] overlayfs: failed to resolve './file0': -2 [ 1034.963763][ T2429] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1034.971447][ T2429] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1034.981814][ T2429] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1035.003859][ T2429] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1035.015300][ T2429] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1035.022383][ T2429] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1035.193264][ T2437] overlayfs: failed to resolve './file0': -2 [ 1035.246188][T19042] usb 2-1: Using ep0 maxpacket: 32 [ 1035.616274][T19042] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=e2.de [ 1035.625164][T19042] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1035.633779][T19042] usb 2-1: Product: syz [ 1035.638094][T19042] usb 2-1: Manufacturer: syz [ 1035.642593][T19042] usb 2-1: SerialNumber: syz [ 1035.647455][T19042] usb 2-1: config 0 descriptor?? [ 1035.857769][ T2443] loop3: detected capacity change from 0 to 40427 [ 1035.872540][ T2443] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1035.880210][ T2443] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1035.891036][ T2443] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1035.912388][ T2443] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1035.925266][ T2443] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1035.932356][ T2443] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1036.017021][ T2457] netlink: 312 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1036.043970][ T2457] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1036.126741][T19042] CoreChips: probe of 2-1:0.0 failed with error -71 [ 1036.149116][T19042] usb 2-1: USB disconnect, device number 118 [ 1036.465938][ T2459] overlayfs: failed to resolve './file0': -2 [ 1036.690646][ T2461] loop2: detected capacity change from 0 to 1024 [ 1036.706536][ T2461] EXT4-fs: Ignoring removed orlov option [ 1036.715419][ T2461] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1036.727876][ T2461] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1036.741718][ T2461] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.2: corrupt xattr in inline inode [ 1036.755269][ T2461] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.2: corrupted in-inode xattr [ 1036.826682][ T1366] ================================================================== [ 1036.834555][ T1366] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0 [ 1036.842365][ T1366] Read of size 4 at addr ffff88813f5d9000 by task syz-executor.2/1366 [ 1036.850351][ T1366] [ 1036.852521][ T1366] CPU: 1 PID: 1366 Comm: syz-executor.2 Tainted: G W 6.1.78-syzkaller-00134-g997e6b3f6a21 #0 [ 1036.863893][ T1366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 1036.873786][ T1366] Call Trace: [ 1036.876916][ T1366] [ 1036.879685][ T1366] dump_stack_lvl+0x151/0x1b7 [ 1036.884310][ T1366] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 1036.889600][ T1366] ? _printk+0xd1/0x111 [ 1036.893595][ T1366] ? __virt_addr_valid+0x242/0x2f0 [ 1036.898540][ T1366] print_report+0x158/0x4e0 [ 1036.902975][ T1366] ? __virt_addr_valid+0x242/0x2f0 [ 1036.907922][ T1366] ? kasan_addr_to_slab+0xd/0x80 [ 1036.912699][ T1366] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 1036.918169][ T1366] kasan_report+0x13c/0x170 [ 1036.922501][ T1366] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 1036.927972][ T1366] __asan_report_load4_noabort+0x14/0x20 [ 1036.933437][ T1366] ext4_xattr_delete_inode+0xcd0/0xce0 [ 1036.938733][ T1366] ? sb_end_intwrite+0x130/0x130 [ 1036.943505][ T1366] ? ext4_expand_extra_isize_ea+0x1c40/0x1c40 [ 1036.949409][ T1366] ? __kasan_check_read+0x11/0x20 [ 1036.954276][ T1366] ? ext4_inode_is_fast_symlink+0x295/0x3d0 [ 1036.959994][ T1366] ? ext4_evict_inode+0xbc2/0x1550 [ 1036.964943][ T1366] ext4_evict_inode+0xef9/0x1550 [ 1036.969762][ T1366] ? _raw_spin_unlock+0x4c/0x70 [ 1036.974405][ T1366] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 1036.980132][ T1366] ? _raw_spin_unlock+0x4c/0x70 [ 1036.984928][ T1366] ? inode_io_list_del+0x18b/0x1a0 [ 1036.989874][ T1366] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 1036.995598][ T1366] evict+0x2a3/0x630 [ 1036.999332][ T1366] iput+0x642/0x870 [ 1037.002976][ T1366] vfs_rmdir+0x3c2/0x500 [ 1037.007054][ T1366] do_rmdir+0x3ab/0x630 [ 1037.011047][ T1366] ? d_delete_notify+0x160/0x160 [ 1037.015823][ T1366] __x64_sys_unlinkat+0xdf/0xf0 [ 1037.020506][ T1366] do_syscall_64+0x3d/0xb0 [ 1037.024757][ T1366] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 1037.030485][ T1366] RIP: 0033:0x7ff72dc7c6c7 [ 1037.034740][ T1366] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1037.054181][ T1366] RSP: 002b:00007ffdb68d3f68 EFLAGS: 00000207 ORIG_RAX: 0000000000000107 [ 1037.062425][ T1366] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007ff72dc7c6c7 [ 1037.070239][ T1366] RDX: 0000000000000200 RSI: 00007ffdb68d5110 RDI: 00000000ffffff9c [ 1037.078068][ T1366] RBP: 00007ff72dcc8336 R08: 0000000000000000 R09: 0000000000000000 [ 1037.085862][ T1366] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffdb68d5110 [ 1037.093672][ T1366] R13: 00007ff72dcc8336 R14: 00000000000fd169 R15: 0000000000000009 [ 1037.101484][ T1366] [ 1037.104345][ T1366] [ 1037.106515][ T1366] The buggy address belongs to the physical page: [ 1037.112886][ T1366] page:ffffea0004fd7640 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x13f5d9 [ 1037.122940][ T1366] flags: 0x4000000000000000(zone=1) [ 1037.127985][ T1366] raw: 4000000000000000 ffffea0004fd7688 ffffea0005482508 0000000000000000 [ 1037.136396][ T1366] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 [ 1037.144896][ T1366] page dumped because: kasan: bad access detected [ 1037.151169][ T1366] page_owner tracks the page as freed [ 1037.156351][ T1366] page last allocated via order 0, migratetype Movable, gfp_mask 0x8140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO|__GFP_CMA), pid 2461, tgid 2460 (syz-executor.2), ts 1036684817016, free_ts 1036690487193 [ 1037.176489][ T1366] post_alloc_hook+0x213/0x220 [ 1037.181085][ T1366] prep_new_page+0x1b/0x110 [ 1037.185417][ T1366] get_page_from_freelist+0x27ea/0x2870 [ 1037.190805][ T1366] __alloc_pages+0x3a1/0x780 [ 1037.195225][ T1366] __folio_alloc+0x15/0x40 [ 1037.199477][ T1366] handle_mm_fault+0x1fb0/0x2f40 [ 1037.204251][ T1366] exc_page_fault+0x3b3/0x700 [ 1037.208765][ T1366] asm_exc_page_fault+0x27/0x30 [ 1037.213453][ T1366] page last free stack trace: [ 1037.217964][ T1366] free_unref_page_prepare+0x83d/0x850 [ 1037.223269][ T1366] free_unref_page_list+0xf1/0x7b0 [ 1037.228252][ T1366] release_pages+0xf7f/0xfe0 [ 1037.232633][ T1366] free_pages_and_swap_cache+0x8a/0xa0 [ 1037.237928][ T1366] tlb_finish_mmu+0x1e0/0x3f0 [ 1037.242559][ T1366] unmap_region+0x2c1/0x310 [ 1037.246893][ T1366] do_mas_align_munmap+0xd05/0x1400 [ 1037.251929][ T1366] do_mas_munmap+0x23e/0x2b0 [ 1037.256359][ T1366] __vm_munmap+0x263/0x3a0 [ 1037.260606][ T1366] __x64_sys_munmap+0x6b/0x80 [ 1037.265121][ T1366] do_syscall_64+0x3d/0xb0 [ 1037.269372][ T1366] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 1037.275101][ T1366] [ 1037.277273][ T1366] Memory state around the buggy address: [ 1037.282744][ T1366] ffff88813f5d8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1037.290638][ T1366] ffff88813f5d8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1037.298542][ T1366] >ffff88813f5d9000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 1037.306433][ T1366] ^ [ 1037.310339][ T1366] ffff88813f5d9080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 1037.318251][ T1366] ffff88813f5d9100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 2033/05/18 03:39:19 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 1037.326140][ T1366] ================================================================== [ 1037.347740][ T1366] Disabling lock debugging due to kernel taint